[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ESP Qs

To: ipsec@tis.com
Subject: ESP Qs
From: Stephen Waters <Stephen.Waters@digital.com>
Date: Wed, 27 May 1998 23:39:07 +0100
Sender: owner-ipsec@ex.tis.com


A few questions from my latest read of the latest draft...

1) Does IKE support indicating that anti-replay is not offered ( r to i
), i.e. that the ESP sequence number will not be checked?
2) If the sender (same as initiator?) is told that there is no checking,
should it leave the sequence number at zero?
3) In the case of manual-keying - when anti-replay SHOULD NOT be used,
should the value of Sequence number be left zero?
4) The IPSEC DOI seems to suggest that implicit IV is the ONLY MUST,
with explicit IV as the 'old way'.  Most implementations I've seen only
support explicit IV.

Cheers, Steve.



Stephen Waters
DEVON, UK

National: 01548 551012 / 550474
International: 44 1548 551012 / 550474
Stephen.Waters@Digital.com

Follow-Ups:

Re: ESP Qs

From: "Derrell D. Piper" <ddp@network-alchemy.com>

Prev by Date: IPCOMP and IPSEC
Next by Date: Re: IPCOMP and IPSEC
Prev by thread: RE: IPCOMP and IPSEC
Next by thread: Re: ESP Qs
Index(es):
- Main
- Thread