[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ICMP and TCP

To: ipsec@tis.com, tcp-impl@cthulhu.engr.sgi.com
Subject: ICMP and TCP
From: "Michael C. Richardson" <mcr@sandelman.ottawa.on.ca>
Date: Sun, 26 Apr 1998 20:59:18 -0400
In-reply-to: Your message of "Sun, 19 Apr 1998 02:18:51 EDT." <199804190618.CAA01601@morden.sandelman.ottawa.on.ca>
Sender: owner-ipsec@ex.tis.com


>>>>> "Michael" == Michael Richardson <mcr@sandelman.ottawa.on.ca> missed
some words, confusing his meaning:

    Michael> Assume a TCP connection that traverses a network, and is carried
    Michael> with IPsec (perhaps just AH) in "transport" mode. If there is
    Michael> some reason to believe that AH (or ESP) is on that network path,

  ...if there is some reason to believe that AH/ESP is needed on that network
path, that is if you believe that there may be an eavesdropper or active 
TCP spoofer, then I would suggest that there is sufficient additional reason
to worry that they will simply destructive shut you down with ICMP, or
perhaps even just ICMP ping floods

   :!mcr!:            |  Sandelman Software Works Corporation, Ottawa, ON  
   Michael Richardson |	SSH IPsec: http://www.ssh.fi/. Secure, strong, international
 Personal: <A HREF="http://www.sandelman.ottawa.on.ca/People/Michael_Richardson/Bio.html">mcr@sandelman.ottawa.on.ca</A>. PGP key available.
 Corporate: <A HREF="http://www.sandelman.ottawa.on.ca/SSW/">sales@sandelman.ottawa.on.ca</A>.

References:

Re: TCPIMPL: Minutes from LA Meeting

From: Michael Richardson <mcr@sandelman.ottawa.on.ca>

Prev by Date: Re: ISAKMP - Remaining Issues
Next by Date: IPSEC meeting minutes
Prev by thread: Re: TCPIMPL: Minutes from LA Meeting
Next by thread: Re: TCPIMPL: Minutes from LA Meeting
Index(es):
- Main
- Thread