[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re[2]: AH (without ESP) on a secure gateway

To: Ran Atkinson <rja@cisco.com>
Subject: Re: Re[2]: AH (without ESP) on a secure gateway
From: Naganand Doraswamy <naganand@ftp.com>
Date: Wed, 04 Dec 1996 16:11:01 -0500
Cc: ipsec@tis.com, rja@cisco.com
Sender: owner-ipsec@ex.tis.com


>	I am aware that many implementers of AH have in fact implemented a
>"tunnel-mode AH" (which looks like this: [ip:r1->r2][ah][ip:h1->h2][ulp],
>where r1,r2 are security gateways and h1,h2 are end nodes).  I believe that
>the best approach is to simply add a definition of this tunnel-mode AH into
>the AH base specification.  This also has the virtue of having the least
>amount of negative impact on interoperability of existing AH implementations.
>
Agreed. I had raised this issue of AH in tunnel mode a couple of months
back, and I didnt get any message against it. I guess adding it to the base
spec will help.


--Naganand
----------------------------------------------------------------
naganand@ftp.com
Tel #: (508)684-6743 (O)

Prev by Date: Re: AH (without ESP) on a secure gateway
Next by Date: RE: SA, Proposal and Transform payloads
Prev by thread: Re: Re[2]: AH (without ESP) on a secure gateway
Next by thread: Re: Re[2]: AH (without ESP) on a secure gateway
Index(es):
- Main
- Thread