[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ESP revisions straw poll

To: Stephen Kent <kent@bbn.com>
Subject: Re: ESP revisions straw poll
From: "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>
Date: Wed, 14 May 1997 17:02:38 +0100
cc: ipsec@tis.com
In-reply-to: Your message of "Wed, 14 May 1997 16:01:05 EDT." <v03007808af9f923adfb8@[128.89.30.23]>
Sender: owner-ipsec@ex.tis.com

In message <v03007808af9f923adfb8@[128.89.30.23]>, Stephen Kent writes:
>
>	I don't mean to say your vote (well, maybe I do ;-)), but could you
>briefly describe your reason for voting against encryptionless ESP?
>

Certainly; for one, i don't see the point. I don't think it's that much
of a performance gain over straight AH. Second, it's yet another
option, so yet another place where things can go wrong in an
implementation. 

Finally (and most importantly), do we really want to allow some form
of authentication where the IP header (the addresses) is *not*
authenticated ? I believe we don't, but perhaps there is some reason
for it ?
-Angelos

Follow-Ups:

Re: ESP revisions straw poll

From: Stephen Kent <kent@bbn.com>

References:

Re: ESP revisions straw poll

From: Stephen Kent <kent@bbn.com>

Prev by Date: Re[2]: ISAKMP commit and notify usage
Next by Date: UofA linux ipsec release
Prev by thread: Re: ESP revisions straw poll
Next by thread: Re: ESP revisions straw poll
Index(es):
- Main
- Thread