Question on authentication coverage in ESP...

["Fred L. Templin" <templin@erg.sri.com>]

Hi,

Please forgive me if this has already been discussed, but I notice from
reading draft-ietf-ipsec-v2-00.txt that the authentication coverage for
ESP does NOT extend into the immutable fields of the IP header and options,
as is the case for AH (see pp. 4,8,9 of the ESP draft). I like the idea of
providing authentication coverage for the immutable IP header fields in AH;
is there a reason this isn't done in ESP?

Thanks,

Fred
templin@erg.sri.com

---

• Prev by Date: PKI draft based on PKCS#10 and PKCS#7
• Next by Date: Re: DOI terminology question
• Prev by thread: PKI draft based on PKCS#10 and PKCS#7
• Next by thread: Re: IPv6 Destination options extension header position.
• Index(es):
  • Main
  • Thread