[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Derived versus Explicit IV

To: ipsec@tis.com
Subject: Re: Derived versus Explicit IV
From: "C. Harald Koch" <chk@utcc.utoronto.ca>
Date: Wed, 23 Jul 1997 10:44:43 -0400
In-reply-to: Your message of "Wed, 23 Jul 1997 08:22:51 -0400". <6314.wsimpson@greendragon.com>
References: <6314.wsimpson@greendragon.com>
Sender: owner-ipsec@ex.tis.com

>  4) A change to explicit IV would "obsolete" thousands of fielded units,
>     and create a user support nightmare.

Yes.

The draft ESP spec, combined with the ciph-des-derived spec, is compatible
with the 32-bit-IV option in RFC 1827+1829, which in turn is the most
commonly implemented transform. The ciph-des-expiv is *not* compatible with
old implementations, due to the addition of the mandatory sequence number
field in the ESP header.

If the new ESP plus new mandatory to implement transforms are *not*
backwards compatible *ON THE WIRE*, then a new IP protocol value for ESP
will be required.

-- 
Harald Koch <chk@utcc.utoronto.ca>

Follow-Ups:

Re: Derived versus Explicit IV

From: Rodney Thayer <rodney@sabletech.com>

Re: Derived versus Explicit IV

From: "Theodore Y. Ts'o" <tytso@MIT.EDU>

References:

Derived versus Explicit IV

From: "William Allen Simpson" <wsimpson@greendragon.com>

Prev by Date: Re: draft-ietf-ipsec-ciph-des-derived-00
Next by Date: RE: Derived versus Explicit IV
Prev by thread: Derived versus Explicit IV
Next by thread: Re: Derived versus Explicit IV
Index(es):
- Main
- Thread