Re: ICMP in IPSec
> Ari Huttunen wrote:
>
> Hi,
>
> I think that you're trying to approach this problem from a too low
> level perspective. The really important question is about trust.
>
> "Can I trust the sender of the ICMP message?"
>
> "Can I trust that the ICMP message has not
> been changed en-route?"
>
I absolutely agree that the central questions are about trust. The
strategy I took was to surrender that decision to operations and
maintenance groups. You may note that at several key points in my memo,
I suggest that options be given to administrators to accept risk.
So my idea was "let the administrator decide which ICMP to trust". Your
idea is "build a new system which is capable of offering higher identity
and data integrity to ICMP messages."
Ah, I recognize that... it's the age-old "do something expedient or do
something architectural" question. Often it turns out to make sense to do
both.
--
####################################
# Ricky Charlet
# (510) 795-6903
# rcharlet@redcreek.com
####################################
end Howdy;