RE: replay field size straw poll

[wei@tis.com]

At 01:44 PM 2/12/97 -0500, Naganand Doraswamy wrote:
>
>>Unless there is a significant change to the AH header, a 32 bit non-optional
>>counter and a 128 bit HMAC value will not resolve the alignment problem.
>>
>>01234567012345670123456701234567
>>+------+-------+-------+-------+
>>| NH   | Len   |  Reserved     |       32 bits
>>+------+-------+-------+-------+
>>|             SPI              |       32 bits
>>+------+-------+-------+-------+
>>| Replay Prev. Counter         |       32 bits
>>+------+-------+-------+-------+
>>|                              |
>>|        HMAC                  |
>>|        Value                 |      128 bits
>>|                              |
>>+------+-------+-------+-------+
>>
>>                               total: 224 bits --- not multiple of 64
>>
>>Possible solutions would be 1) 64 bit counter, 2) a 64 bit alignment pad
>>trailer, or 3) a 160 bit HMAC Value.
>>
>
>I suggest that we provide a reserved field of 32 bits, either before or
>after the replay counter if replay is used and also say that the transform's
>output should either be padded or truncated to a multiple of 64 bits. This
>will solve the 64 bit alignment problem for V6 and also make sure that the
>transforms dont have to worry about the basic AH header length to decide
>about 64 bit alignment.

I think the reserved field should be used as the flag field to allow the
flexible configuration of AH. The reserved field is just wasted since both
the length and the flag will make the AH header for any future use and ease
the inter-operatability of any AHs.

---

• Prev by Date: Re: replay field size
• Next by Date: Re: "Transforms" per se going away?
• Prev by thread: RE: replay field size straw poll
• Next by thread: Truncation (was Re: replay field size)
• Index(es):
  • Main
  • Thread