
Re: notes from developer's portion of IETF meeting

Bill,

	You provide a good example of how to exploit a tunnel mode use of
ESP w/o integrity.  I would note that it does require a confluence of
wiretap capabilities that often will not be easy to attain, in conjunction
with other wiretap capabilities not being available.  Specifically, the
lack of a local passive wiretap ability in conjunction with an active and
passive remote capability may seem odd in many circumstances, although it
certainly is possible in others.

	However, in a transport mode environment, not involving multi-user
end systems, ESP w/o authentication seems very reasonable.  In tunnel mode
with a firewall at one end, whether this form of ESP is OK depends on one's
threat model.  We could be very cautious and have the architecture
document prohibit such use, or we could have that document merely warn
users (system administrators) about the pitfalls of such use.

Steve
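The property the thread is arguing about, shown as an added example that is not part of this message or of any IETF document: without an integrity check value (ICV), a packet encrypted with a confidentiality-only transform can be altered in transit and the receiver decrypts the altered payload without noticing, whereas verifying an ICV before decryption rejects the same packet. The cipher here is a toy HMAC-based keystream so the code runs with the Python standard library only; it is not an ESP transform, and all keys, the payload, and the function names are constructed for the example.

```python
import hmac
import hashlib

IV_LEN = 16
ICV_LEN = 12  # truncated HMAC, the ICV length ESP commonly carries


def keystream(enc_key: bytes, iv: bytes, length: int) -> bytes:
    """Toy keystream (HMAC-SHA256 in counter mode). Stand-in for a real
    cipher so the example needs no third-party library; not an ESP algorithm."""
    out = bytearray()
    ctr = 0
    while len(out) < length:
        out += hmac.new(enc_key, iv + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:length])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_no_integrity(enc_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """ESP-like packet with confidentiality only: IV || ciphertext."""
    return iv + xor_bytes(payload, keystream(enc_key, iv, len(payload)))


def decrypt_no_integrity(enc_key: bytes, packet: bytes) -> bytes:
    iv, body = packet[:IV_LEN], packet[IV_LEN:]
    return xor_bytes(body, keystream(enc_key, iv, len(body)))


def encrypt_with_integrity(enc_key: bytes, auth_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """ESP-like packet with an ICV: IV || ciphertext || HMAC(IV || ciphertext)."""
    pkt = encrypt_no_integrity(enc_key, iv, payload)
    return pkt + hmac.new(auth_key, pkt, hashlib.sha256).digest()[:ICV_LEN]


def decrypt_with_integrity(enc_key: bytes, auth_key: bytes, packet: bytes):
    """Verify the ICV before decrypting; return None when the packet was altered."""
    pkt, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(auth_key, pkt, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        return None
    return decrypt_no_integrity(enc_key, pkt)


def corrupt_byte(packet: bytes, offset: int, mask: int) -> bytes:
    """Model one byte of the packet being altered somewhere on the path."""
    b = bytearray(packet)
    b[offset] ^= mask
    return bytes(b)


def demo() -> dict:
    enc_key = b"constructed-enc-key-for-example!"   # constructed sample key
    auth_key = b"constructed-auth-key-for-example"  # constructed sample key
    iv = bytes(range(IV_LEN))                       # fixed IV keeps the demo deterministic
    payload = b"inner packet: constructed sample payload"

    # 1. Confidentiality only: the altered ciphertext byte decrypts to an
    #    altered payload byte, and the receiver has no way to tell.
    pkt = encrypt_no_integrity(enc_key, iv, payload)
    altered = corrupt_byte(pkt, IV_LEN, 0x01)
    decrypted_altered = decrypt_no_integrity(enc_key, altered)

    # 2. With an ICV: the same alteration fails verification and the packet
    #    is discarded before anything acts on its contents.
    pkt_auth = encrypt_with_integrity(enc_key, auth_key, iv, payload)
    altered_auth = corrupt_byte(pkt_auth, IV_LEN, 0x01)

    return {
        "roundtrip_ok": decrypt_no_integrity(enc_key, pkt) == payload,
        "auth_roundtrip_ok": decrypt_with_integrity(enc_key, auth_key, pkt_auth) == payload,
        "silently_modified": decrypted_altered != payload
                             and decrypted_altered[1:] == payload[1:],
        "modified_rejected": decrypt_with_integrity(enc_key, auth_key, altered_auth) is None,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The receiver-side ordering matters: the ICV is checked over the IV and ciphertext before any decryption takes place, so an altered packet is dropped without its contents ever being parsed. That is the check a deployment gives up when it runs ESP without integrity, and the reason the choice hinges on whether the threat model includes an on-path party able to modify traffic.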



