[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: notes from developer's portion of IETF meeting

To: ipsec@tis.com
Subject: Re: notes from developer's portion of IETF meeting
From: ho@earth.hpc.org (Hilarie Orman)
Date: Tue, 22 Apr 1997 17:56:06 -0400
In-reply-to: Yourmessage <199704222101.OAA01764@baskerville.CS.Arizona.EDU>
Sender: owner-ipsec@ex.tis.com

Authonly ESP seems both simple and useful, to me.  And the performance
penalty due to AH header handling might turn out to be the limiting
factor at high speeds.

RE the recollection:

 >As I recall, integrity is required for security _only_ when there are
 >mutually hostile users on multi-user systems at both ends of the
 >connection/path.  These multi-user systems "know" that they require
 >integrity, and can negotiate it appropriately.

This idea has always puzzled me.  Surely block ciphers without some kind of
integrity are insecure in any active attack environment.

Hilarie

Follow-Ups:

Re: notes from developer's portion of IETF meeting

From: daw@cs.berkeley.edu (David Wagner)

Prev by Date: Re: notes from developer's portion of IETF meeting
Next by Date: Re: notes from developer's portion of IETF meeting
Prev by thread: Re: notes from developer's portion of IETF meeting
Next by thread: Re: notes from developer's portion of IETF meeting
Index(es):
- Main
- Thread