[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: eliminate AH



>      I second the motion to eliminate AH from IPSec.  Given the evolution 
>      of ESP, it has become redundant.
>      
>      The ESP document should define the
>       - SPI - Mandatory
>       - Sequence Number - Mandatory (I think?)
>       - Opaque Payload Data - Mandatory but dependent upon the transform.
>       - Authentication Data - Optional

[...]

Astute readers of this list will note that this is pretty much what swIPe did 
more than four years ago. Did we really need four years of bit-shuffling to 
come back to (almost) the same protocol?

/ji








References: