[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Wrap up for the IPsec drafts
> Ted and I want to start last call on a set of documents that the IESG will
> promote. Our first step is to group the drafts that are related to this
> group and then finish up the key drafts. So in this light the key drafts
> are:
>
> draft-ietf-ipsec-arch-sec-01.txt (We are waiting to see 02)
This full version is not on the ds.internic.net site. Will 02 be?
> draft-ietf-ipsec-ipsec-doi-03.txt (questions on readiness)
This revision, while posted to the list, isn't on the ds.internic.net site
either.
> draft-ietf-ipsec-auth-hmac-md5-96-00.txt
This revision is not on the site either.
> draft-ietf-ipsec-auth-hmac-sha196-00.txt
And while I've got this one up, lemme ask the naive question that probably
has been answered during ANX testing.
For ESP, do I use the truncated 96-bit HMAC results to place at
the end of my ESP datagram? Or do I used the full result?
In either case, both of the ipsec-auth documents need to make clear
how the auth algorithm in question is used in AH (where 96-bit
trunc is useful) and in ESP (where it is probably a don't-care).
Thanks,
Dan
Follow-Ups:
References: