
Re[5]: AH (without ESP) on a secure gateway



>Bill Whelan writes:
>> >Hmm.  Which "protocol tower" are we talking about, anyhow?
>> >
>> > IP[H1->H2],AH[R1->R2],...
>> 
>> >or
>> 
>> > IP[R1->R2],AH[R1->R2],IP[H1->H2],...
>> >
>> >(R1,R2 are routers, H1,H2 are hosts; the problem is only interesting
>> >if we assume H2 != R2).
>...
>> Unless I'm really confused, the latter case is not even provided for in the 
>> specifications...

>I certainly hope the latter case is legal, because it's used by quite a 
>number of encrypting firewalls.

Oh, I am quite certain it is legal.  What I'm wondering is whether it is 
REQUIRED (two very different things).  From some of the discussion I've seen 
in the last week, this appears to be an assumed requirement.  I just don't 
see it REQUIRED by the IPSEC documents.
>-- 
>Karl Fox, servant of God, employee of Ascend Communications
>3518 Riverside Drive, Suite 101, Columbus, Ohio 43221   +1 614 326 6841

Bill


