[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Replay counter sizes: AH vs ESP -Reply
>>> "Marcus Leech" <mleech@nortel.ca> 12/05/96
11:31am wrote:>>>
I note in reviewing:
draft-ietf-ipsec-esp-des-md5-03.txt
and
draft-ietf-ipsec-ah-hmac-md5-04.txt
That the counter sizes are different, even though the
underlying integrity
mechanisms are identical (HMAC MD5). I can see
this costing extra
code in implementations, which wouldn't be
necessary if the counters
were of the same size.
Marcus,
Both Derrell Piper and I raised the same question
without getting any response. I suggest that unless
someone can provide reasonable argument to justify
the difference of the replay counter sizes, we should
make them the same.
cj_lee@novell.com
Follow-Ups: