Re: eliminate AH
I second the motion to eliminate AH from IPSec. Given the evolution
of ESP, it has become redundant.

The ESP document should define the

- SPI - Mandatory
- Sequence Number - Mandatory (I think?)
- Opaque Payload Data - Mandatory but dependent upon the transform.
- Authentication Data - Optional

ESP may define restrictions on the length (e.g. a multiple of eight
bytes) of the Opaque Payload Data, but otherwise not define content.

Individual Transform documents would provide definitions for how the
Opaque Payload Data is defined and would cover any needed fields
including:

- Initialization Vector - Optional
- Payload Data - Mandatory
- Padding - Optional
- Next Header - Mandatory

My two cents.
Bill Whelan
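
The two-layer split proposed in the message above, as an added example that is not part of the original post: an ESP-layer parser that knows only the four fields and a length restriction, and a separate transform-layer parser for the opaque data. The function names, the `auth_len` and `iv_len` parameters (assumed to come from the security association), the Pad Length byte (taken from the deployed ESP trailer layout, not from the message), and the unencrypted sample packet are all assumptions.

```python
import struct

def parse_esp(packet, auth_len=0, align=8):
    """ESP layer: SPI, sequence number, opaque payload data, authentication data."""
    if len(packet) < 8 + auth_len:
        raise ValueError("shorter than ESP header plus authentication data")
    spi, seq = struct.unpack("!II", packet[:8])
    end = len(packet) - auth_len
    opaque, auth = packet[8:end], packet[end:]
    # The only content rule at this layer: a length restriction on the opaque data.
    if not opaque or len(opaque) % align:
        raise ValueError("opaque payload data is not a multiple of %d bytes" % align)
    return {"spi": spi, "seq": seq, "opaque": opaque, "auth": auth}

def parse_transform(opaque, iv_len=0):
    """Hypothetical transform: IV | payload | padding | pad length | next header."""
    if len(opaque) < iv_len + 2:
        raise ValueError("opaque data too short for this transform")
    iv, body = opaque[:iv_len], opaque[iv_len:]
    pad_len, next_header = body[-2], body[-1]
    if pad_len > len(body) - 2:
        raise ValueError("pad length exceeds the data available")
    cut = len(body) - 2 - pad_len
    return {"iv": iv, "payload": body[:cut], "padding": body[cut:-2],
            "next_header": next_header}

def build_sample():
    """Constructed packet: SPI 0x1000, sequence 1, 8-byte IV, 12-byte auth data."""
    iv = bytes(range(8))
    body = b"hello" + b"\x01" + bytes([1, 6])  # payload, 1 pad byte, pad len, next hdr 6
    return struct.pack("!II", 0x1000, 1) + iv + body + b"\xaa" * 12

if __name__ == "__main__":
    esp = parse_esp(build_sample(), auth_len=12)
    print(esp["spi"], esp["seq"], parse_transform(esp["opaque"], iv_len=8))
```

Because the Authentication Data is optional and carries no length field of its own, the ESP layer cannot find the end of the opaque data without the per-association `auth_len`; parsing the sample with `auth_len=0` fails the multiple-of-eight check.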