[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSEC document reading party!
... Theodore Y. Ts'o said ...
> Bob and I are very concerned that few people are actually
>reading all of the IPSEC drafts, and so there may be internal
>inconsistency and other problems across the various drafts, that perhaps
>won't be discovered until after they are published as RFC's. That, as
>they say, would be Bad.
some comments on the documents and consistencies.
- in the DOI document there is a reference to using ESP with a NULL
encryption routine in order to do tunnelling. At least for AH
it specifies that this should never happen in a real system
(and probably should not for ESP either).
- I am extremely uncomfortable with the idea that the Security
Architecture document suggests that the entire database
must be searched for matching SA's. This seems to make it
impossible to specify policies s.t. each connection gets
a private SA (or similar types of policies). It also makes
the implementation slower and more painful.
- There is very little said about ICMP handling, perhaps there should
be something said about echoing confidential (i.e. ESP) data
in an ICMP packet that does not have ESP.
- There is nothing much said about what kinds of policies are allowed,
and the associations between policies and bundles.
-gordo
--
---------------------------------------------------------------
Gordon Oliver (gordo@telsur.cl) Independent Consultant
... Available for consulting on Linux ...
References: