
Re: ESP revisions straw poll



In message <3.0.32.19970521113228.00890250@127.0.0.1>, "Steven M. Bellovin" writes:
>
>Both, actually.  Encryptionless ESP is the way AH should have been designed.
>(I objected to the current scheme at least as far back as Stockholm.)  But
>yes, I'm tired of arguing.  I'll settle for something that's ugly, less
>efficient, and unclean if it's here *now*...

Several people have mentioned that what the AH computation covers
could be negotiated (whether it's the current scheme or just the
payload) by the key management layer. I don't think there would be
many objections to that.
-Angelos

PS. I personally wouldn't object to a separate null encryption
transform document either; I just don't want null-encryption in the
base document.

