[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Last Call for IPSEC

To: "Patel, Baiju V" <baiju.v.patel@intel.com>
Subject: Re: Last Call for IPSEC
From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 16 Apr 1998 16:59:29 -0400
cc: "'iesg@ietf.org'" <iesg@ietf.org>, "'ipsec@tis.com'" <ipsec@tis.com>
In-reply-to: Your message of "Thu, 09 Apr 1998 14:28:21 PDT." <199804161414.KAA11087@portal.ex.tis.com>
Reply-To: perry@piermont.com
Sender: owner-ipsec@ex.tis.com

"Patel, Baiju V" writes:
> Here is my analysis of why AH adds no security
> value over ESP with NULL encryption in case of
> IP v4. I do believe that similar story
> exists for IP v6. Therefore, unless one can clearly
> identify the value of using AH over ESP with NULL
> encryption, we MUST not define two standards with are 
> functionally equivalent and yet are different
> (AH is more complex to implement and is
> a layering violation).

I think it really doesn't matter at this point.

Unless you can prove that AH is actually insecure, we've been at this
too long not to progress the documents. We can easily reconsider the
situation before we progress to draft. There is a reason we have two
stages before full standardization.

Perry

References:

RE: Last Call for IPSEC

From: "Patel, Baiju V" <baiju.v.patel@intel.com>

Prev by Date: Re: Radius authentication and client configuration
Next by Date: Weak keys
Prev by thread: RE: Last Call for IPSEC
Next by thread: Re: Last Call for IPSEC
Index(es):
- Main
- Thread