[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: order/nesting of IPsec headers (transport mode)

To: kseo@bbn.com
Subject: Re: order/nesting of IPsec headers (transport mode)
From: Ne <sakane@crd.yokogawa.co.jp>
Date: Fri, 29 Aug 1997 10:25:40 GMT
Cc: ipsec@tis.com
In-Reply-To: Your message of Thu, 28 Aug 97 23:57:43 EDT.<199708290401.AAA20051@relay.rv.tis.com>
Sender: owner-ipsec@ex.tis.com

Hi,

kseo: NOTE: In theory, it's also possible for a single host to apply
kseo: more than the 2 tunnel headers:
kseo:
kseo: [IP2][AH or ESP][AH or ESP][...][AH or ESP][IP1][upper] 
kseo:
kseo: or to apply more than the 2 transport headers:
kseo:
kseo: [IP1][AH or ESP][AH or ESP][...][AH or ESP][upper].

It is good implement that all combination of SA is able to supported,
and configured freely, may be.  I'm implementing security protocol
into the kernel of BSD/OS2.1.  After all, I have supported varius
combination of SA except following pattern,

  [IP][ESP][AH][upper]

This pattern is not significant.
Instead, following should be employed, I think.

  [IP][ESP][upper]

Thank you for your comments.

P.S. I want to have a good command of English ... ;-(
==========================================================
 Shoichi Sakane                  TEL   : +81-0423-33-6209
 E-Mail: sakane@cct.dcl.co.jp    FAX   : +81-0423-52-6102
 Information & Communication Technology Center
 Yokogawa Digital Computer Corporation, Tokyo, JAPAN

References:

Re: order/nesting of IPsec headers (transport mode)

From: Karen Seo <kseo@bbn.com>

Prev by Date: Re: order/nesting of IPsec headers (transport mode)
Next by Date: Re: A few observations about the replay issue
Prev by thread: Re: order/nesting of IPsec headers (transport mode)
Next by thread: A few observations about the replay issue
Index(es):
- Main
- Thread