
AH versus authentication-only ESP



> Date: Tue, 22 Apr 1997 16:26:42 -0400
> From: Stephen Kent <kent@bbn.com>
> It's good to see an example of the rationale behind the proposal.  In
> general, if I am tunneling traffic between two security gateways, why do I
> need to protect the outer IP header?  Would I not generally discard it upon
> arrival?

I'd prefer that Moskowitz (and Richardson) speak as to their own
rationale.  But my recollection is, there is a demonstrated trust
relationship between the firewalls themselves, and between the
end-points and the firewalls.  The only protocol tag we have to identify
these firewalls is the IP address.  The SPI is coupled to the IP
address.  Therefore, the IP address needs to be protected.


> The inner IP header is the real focus of protection.  There is no
> reason why I cannot multiplex the same scope of traffic in a tunnel with
> ESP as I can with an AH tunnel, so I don't view that as a differentiator.
>
I am not sure that this is true.  Depends on the trust relationship.  If
the firewall is proxying a trust relationship for the end-point, I don't
think that the same tunnel keys would be used (differing SPIs).

To put the shoe on the other foot, please demonstrate to us that there
is _no_ use for _ever_ authenticating the source and destination of an
IP datagram.

If you cannot do that, then we still need AH.  And if we still need AH,
then we should simplify our _protocol_ implementations to use _one_
method for authentication-only datagrams.

Meanwhile, as I noted in a (just written) previous message, this whole
argument may be needless.  Authentication-only ESP is impossible to
prevent, as the key-management can simply negotiate a non-encryption
algorithm.

So, let's stick to bits on the wire.  What would change in the ESP bits?
I'd say, nothing.

WSimpson@UMich.edu
    Key fingerprint =  17 40 5E 67 15 6F 31 26  DD 0D B9 9B 6A 15 2C 32
BSimpson@MorningStar.com
    Key fingerprint =  2E 07 23 03 C5 62 70 D3  59 B1 4F 5E 1D C2 C1 A2
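As an added illustration (not part of the original message or any IPsec implementation), the following models what the two ICVs cover: AH's ICV includes the outer IP header with its mutable fields zeroed, so a rewritten outer source address fails verification while a normal TTL decrement does not; authentication-only ESP (NULL cipher) covers only the ESP header, payload and trailer, so the outer header is outside its scope either way. Key, addresses and the simplified headers are constructed; HMAC-SHA-1 truncated to 96 bits is assumed as the authenticator.

```python
import hmac, hashlib, struct

# Constructed demo values, not from the original post.
KEY = b"constructed-demo-key"
SPI, SEQ = 0x1234, 1
INNER = b"inner IP datagram carried through the tunnel"

def ipv4_header(src, dst, proto, ttl=64):
    """Minimal 20-byte IPv4 header, no options; checksum left zero (not needed here)."""
    ip = lambda a: bytes(int(o) for o in a.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(INNER), 0, 0,
                       ttl, proto, 0, ip(src), ip(dst))

def icv(data):
    """HMAC-SHA-1-96: assumed authenticator, 12-byte truncation."""
    return hmac.new(KEY, data, hashlib.sha1).digest()[:12]

def ah_icv(outer):
    """AH: ICV covers outer IP header (mutable fields zeroed) + AH header + payload."""
    h = bytearray(outer)
    h[1] = 0; h[6:8] = b"\0\0"; h[8] = 0; h[10:12] = b"\0\0"  # ToS, flags/offset, TTL, checksum
    # next header = 4 (IP-in-IP), length = 4 (24-byte AH in 32-bit words minus 2), reserved,
    # SPI, sequence number, then the ICV field itself zeroed for the computation
    ah = struct.pack("!BBHII", 4, 4, 0, SPI, SEQ) + b"\0" * 12
    return icv(bytes(h) + ah + INNER)

def esp_null_icv(outer):
    """Authentication-only ESP: ICV covers ESP header + payload + trailer; outer header ignored."""
    esp = struct.pack("!II", SPI, SEQ)
    trailer = struct.pack("!BB", 0, 4)  # pad length 0, next header = IP-in-IP
    return icv(esp + INNER + trailer)

def verifies(icv_fn, sent_outer, received_outer):
    """Receiver recomputes the ICV over what arrived and compares with the sender's value."""
    return hmac.compare_digest(icv_fn(sent_outer), icv_fn(received_outer))

def tamper_results():
    """Outer header as sent, after a normal hop (TTL only), and with the source rewritten."""
    sent = ipv4_header("192.0.2.1", "198.51.100.1", proto=51)
    ttl_only = ipv4_header("192.0.2.1", "198.51.100.1", proto=51, ttl=60)
    spoofed = ipv4_header("203.0.113.9", "198.51.100.1", proto=51)
    return {
        "ah_ttl_change": verifies(ah_icv, sent, ttl_only),        # True
        "ah_src_change": verifies(ah_icv, sent, spoofed),         # False
        "esp_ttl_change": verifies(esp_null_icv, sent, ttl_only), # True
        "esp_src_change": verifies(esp_null_icv, sent, spoofed),  # True
    }
```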