[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ESP Pad byte changes

To: ipsec@tis.com
Subject: Re: ESP Pad byte changes
From: Rodney Thayer <rodney@sabletech.com>
Date: Thu, 09 Apr 1998 15:16:41 -0400
Sender: owner-ipsec@ex.tis.com

It was put in to allow detection of decryption failures.

>Date: Thu, 09 Apr 1998 11:09:38 -0700
>From: "Scott G. Kelly" <skelly@redcreek.com>
>Organization: RedCreek Communications
>X-Mailer: Mozilla 4.04 [en] (Win95; I)
>To: Jackie Wilson <jhwilson@austin.ibm.com>, ipsec@tis.com
>Subject: Re: ESP Pad byte changes
>Sender: owner-ipsec@ex.tis.com
>
>Jackie Wilson wrote:
><snip...>
>> 
>> if it
>> is not important from a security standpoint to have it, then why is it in
>> the draft?
>
>One argument for using this mechanism is that filling the pad bytes with
>a predictable value prevents filling them with other things, i.e.
>leaking information. I'm not personally arguing for or against, just
>making an observation.
>
>
>

Prev by Date: [ipsec] FW: Key Recovery
Next by Date: Re: a simple question, I hope. Why do we need tunnel mode?
Prev by thread: Re: ESP Pad byte changes
Next by thread: Re: ESP Pad byte changes
Index(es):
- Main
- Thread