[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Replay counter sizes: AH vs ESP
-----BEGIN PGP SIGNED MESSAGE-----
I note in reviewing:
draft-ietf-ipsec-esp-des-md5-03.txt
and
draft-ietf-ipsec-ah-hmac-md5-04.txt
That the counter sizes are different, even though the underlying integrity
mechanisms are identical (HMAC MD5). I can see this costing extra
code in implementations, which wouldn't be necessary if the counters
were of the same size.
I apologize if I've brought up a long-dead topic, but I haven't been
paying seriously close attention to the list for the last little
while.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQBVAwUBMqcjB6p9EtiCAjydAQFAjQIAsqltGt7xo40rS4hWYnZC6ffCllnXye++
cQ8cDqyuJX22TbLQcae6TPm/aVu+EH+HWBnnkS2e33bQ/xfqtk9WLA==
=0WXW
-----END PGP SIGNATURE-----
--
----------------------------------------------------------------------
Marcus Leech Mail: Dept 4C16, MS 238, CAR
Systems Security Architect Phone: (ESN) 393-9145 +1 613 763 9145
Systems Security Services Fax: (ESN) 393-7679 +1 613 763 9435
Nortel Technology mleech@nortel.ca
-----------------Expressed opinions are my own, not my employer's------