I think you've already been over this, but just to be sure: Is it the intention of the specifications to allow an IP datagram to be reassembled from a combination of ESP-protected fragments tunnelled through different security associations (including the possibility of no ESP protection)?

Hilarie