[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Replay field size in AH

To: naganand@ftp.com (Naganand Doraswamy), kent@bbn.com ('Stephen Kent')
Subject: RE: Replay field size in AH
From: adams@cisco.com (Rob Adams)
Date: Sat, 8 Feb 1997 15:23:55 -0800
cc: ipsec@tis.com (ipsec@tis.com)
Sender: owner-ipsec@ex.tis.com

Regarless of what we do about alignment, a 64 bit replay field seems simply wrong.
2^64 packets before you wrap? 2^32 seems more than sufficient.  The choice of replay
field length should not be linked to any alignment issues. If we need to align the packet
differently, we should add reserved or mbz fields.  The size of the replay counter should 
be useful and correct for replay alone, and not be sized based on any other issues. 

-Rob

----------
From: 	Stephen Kent[SMTP:kent@bbn.com]
Sent: 	Saturday, February 08, 1997 11:13 AM
To: 	Naganand Doraswamy
Cc: 	ipsec@tis.com
Subject: 	Re: Replay field size in AH

I'd like to hear from Jeff Schiller and the WG chairs re this still open
issue.  My recollection is that there was supposed to be a small meetng to
reolve this after the last IPSEC WG meeting in San Jose.  I observed that
we had two variables affecting aligmment: sequence number size and HMAC
size.  Hugo made a suggestion to truncate the SHA-1 value to 128 bits, to
reduce the number of variables affecting alignment, but I don't recall a
decision on this, nor on the 32 vs. 64 bit sequence number.  We do eed to
nail this down so that the grand unified AH and ESP specs can proceed.

Steve

Prev by Date: Re: Replay field size in AH
Next by Date: replay field size
Prev by thread: Re: Replay field size in AH
Next by thread: Re: Replay field size in AH
Index(es):
- Main
- Thread