
Re: eliminate AH



     I second the motion to eliminate AH from IPSec.  Given the evolution 
     of ESP, it has become redundant.
     
     The ESP document should define the
      - SPI - Mandatory
      - Sequence Number - Mandatory (I think?)
      - Opaque Payload Data - Mandatory but dependent upon the transform.
      - Authentication Data - Optional
     
     ESP may define restrictions on the length (e.g. a multiple of eight 
     bytes) of the Opaque Payload Data, but otherwise not define content.
     
     Individual Transform documents would provide definitions for how the 
     Opaque Payload Data is defined and would cover any needed fields 
     including:
      - Initialization Vector - Optional
      - Payload Data - Mandatory
      - Padding - Optional
      - Next Header - Mandatory
     
     My two cents.
     Bill Whelan
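
The layering proposed in the message above, sketched as an added example that is not part of the original post: a generic ESP parser that knows only the SPI, Sequence Number, a length rule and optional Authentication Data, and a separate per-transform parser for the interior fields. The transform layout (8-byte IV, one pad-length byte before Next Header), the 8-byte alignment default, the sample packet and all function names are assumptions of this example.

```python
import struct
from dataclasses import dataclass

@dataclass
class EspOuter:
    spi: int
    seq: int
    opaque: bytes     # transform-defined; not interpreted at the ESP layer
    auth_data: bytes  # empty when the SA uses no authentication

def parse_esp(packet: bytes, auth_len: int = 0, align: int = 8) -> EspOuter:
    """Generic ESP layer: fixed fields plus a length rule, nothing else."""
    if auth_len < 0 or len(packet) < 8 + auth_len:
        raise ValueError("truncated ESP packet")
    spi, seq = struct.unpack_from("!II", packet, 0)
    end = len(packet) - auth_len
    opaque = packet[8:end]
    if not opaque or len(opaque) % align:
        raise ValueError("opaque payload violates the ESP length rule")
    # A receiver would verify auth_data before handing opaque to the transform.
    return EspOuter(spi, seq, opaque, packet[end:])

@dataclass
class TransformFields:
    iv: bytes
    payload: bytes
    padding: bytes
    next_header: int

def parse_example_transform(plain: bytes, iv_len: int = 8) -> TransformFields:
    """Hypothetical transform, applied after decryption:
    IV | payload | padding | pad_len (1 byte) | next_header (1 byte)."""
    if len(plain) < iv_len + 2:
        raise ValueError("opaque payload too short for this transform")
    pad_len, next_header = plain[-2], plain[-1]
    body_end = len(plain) - 2 - pad_len
    if body_end < iv_len:
        raise ValueError("pad length exceeds available data")
    return TransformFields(plain[:iv_len], plain[iv_len:body_end],
                           plain[body_end:-2], next_header)

def build_sample() -> bytes:
    """Constructed sample: SPI 0x1001, sequence 7, 12 bytes of dummy auth data."""
    iv = bytes(range(8))
    trailer = bytes([1, 2, 3, 4, 5]) + bytes([5, 6])  # padding, pad_len=5, next=TCP
    return struct.pack("!II", 0x1001, 7) + iv + b"hello ESP" + trailer + b"\xaa" * 12
```
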
     


