[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: replay field size straw poll

To: dpkemp@missi.ncsc.mil (David P. Kemp)
Subject: RE: replay field size straw poll
From: Stephen Kent <kent@bbn.com>
Date: Tue, 11 Feb 1997 14:50:39 -0500
Cc: ipsec@tis.com
In-Reply-To: <199702111417.JAA10584@argon.ncsc.mil>
Sender: owner-ipsec@ex.tis.com

David,

	I concurr with all three of your points re anti-replay field size
and hash size.  I'd also like to add the observation that I think we will
have errors in implementations of the anti-replay windows, because of the
need for the modular arithmetic (since we are not starting the counters at
0 or 1).  So, having a single size counter for both AH and ESP may further
minimize the time it will take to get the bugs out of this code.

	As editor for the AH and ESP specs, based on the traffic I've seen
this last 2 weeks, I'm planing to go with 32-bit counters for both and to
assume that the HMAC value will be 128 bits, to help resolve the alignment
problem.  If there are strong objections to this tact, I'd like to hear by
2/14.

Steve

References:

RE: replay field size straw poll

From: dpkemp@missi.ncsc.mil (David P. Kemp)

Prev by Date: RE: replay field size
Next by Date: Re: replay field size
Prev by thread: RE: replay field size straw poll
Next by thread: Re: replay field size straw poll
Index(es):
- Main
- Thread