[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
r.e. AH used by Mobile IP
As I recall the latest architecture draft REQUIRES BOTH ESP and AH for a
conformant implementation, a change from 1825. If I have that right, does
this imply we are requiring ESP for Mobile IP?
>To: Stuart Jacobs <sjj0@gte.com>
>cc: ipsec@tis.com, "William Allen Simpson" <wsimpson@greendragon.com>
>Subject: Re: eliminate AH -- unanimous
>Date: Fri, 30 May 1997 13:24:35 -0400
>From: Steven Bellovin <smb@research.att.com>
>Sender: owner-ipsec@ex.tis.com
>
> Before the WG eliminates the AH, we must remember that there are other
> protocols being developed that rely on the AH option, specifically Mob
> ile
> IP. Mobile IP control messages (Registration Request, Reg. Reply, BIn
> d
> Update, Agent Advertisements, etc.) all rely on IP AH to provide
> authentication. If AH is dropped then Mobile IP will be forced to
> implement its own form of AH mechanism.
>
>Bill's suggestion is not that the functionality of AH be eliminated,
>but that it be eliminated syntactically as a header distinct from ESP.
>ESP with authentication and null encryption does the same thing, but
>with small changes to the definition of what is protected.
>
>