
Re: Reasons for AH & ESP



In message <EDB1679FDCE4D31196840090279A291188A8B4@exchsrv1.cosinecom.com>,
Paul Lambert writes:

>
>IMHO AH should never be used with IPv4.  It adds extra complexity, protocol
>overhead, processing delays and general system design confusion. For IPv4,
>the AH protocol adds no tangible security benefits.

Some of us are far from convinced that AH adds any tangible security 
benefits to v6.  In particular, I have yet to see an option header that 
benefits from the protection.  Some people have cited the routing 
header, but of course the intermediate routers can't verify the 
protection, so you can't use it to assure a certain routing.  And if 
you have cryptographic authentication of the real source address, 
there's no anti-spoof protection from a known-valid source route.

To my way of thinking, AH is useful for exactly one thing, compared 
with null authentication-ESP:  an outboard monitoring program can tell, 
in a reliable, context-independent fashion, that a packet is not 
encrypted, and that the next header can be examined and interpreted.

The real answer to the original question, I suspect, is that we have 
both AH and null authentication-ESP for historical reasons.  That is, 
it "just grew that way", with little architectural consensus.  (How 
could there have been one?  The ESP option wasn't even discussed until 
very late in the game.)  Some of us have argued against AH for years -- 
I still have a note I sent in 1995 detailing its uselessness.  But I 
see no consensus to re-open the question; I certainly don't intend to 
lead any charge to delete it from the spec as we move towards Draft 
Standard.  (Admittedly, I have considered such an effort, but I don't 
think enough people or views have changed to make it worthwhile, and 
I'd rather not stir up pointless controversy.)

		--Steve Bellovin
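
Added illustration, not part of the original message: a sketch of the context-free outboard monitor the message describes, showing that the AH Next Header is readable from the packet alone while a null-ESP packet carrying the same payload is indistinguishable from an encrypted one without SA state. The names `classify` and `ipv4`, the SPI values and all packet bytes are constructed for this example.

```python
import struct

IPPROTO_ESP, IPPROTO_AH = 50, 51  # IANA-assigned IP protocol numbers

def classify(packet: bytes) -> dict:
    """What a monitor holding no SA state can learn from one IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        raise ValueError("non-first fragment: no upper-layer header here")
    proto, body = packet[9], packet[ihl:]
    if proto == IPPROTO_AH:
        if len(body) < 12:
            raise ValueError("truncated AH header")
        next_hdr, payload_len, _, spi, _seq = struct.unpack("!BBHII", body[:12])
        ah_len = (payload_len + 2) * 4  # Payload Len is in 32-bit words, minus 2
        if ah_len < 12 or len(body) < ah_len:
            raise ValueError("bad AH length")
        # Next Header sits in the clear at a fixed offset, so the inner
        # protocol and its bytes are available without any context.
        return {"ipsec": "AH", "cleartext": True, "spi": spi,
                "next_header": next_hdr, "payload": body[ah_len:]}
    if proto == IPPROTO_ESP:
        if len(body) < 8:
            raise ValueError("truncated ESP header")
        spi = struct.unpack("!I", body[:4])[0]
        # Next Header is in the ESP trailer, ahead of an ICV whose length is
        # set by the SA; encrypted or null cannot be decided from the packet.
        return {"ipsec": "ESP", "cleartext": None, "spi": spi,
                "next_header": None, "payload": None}
    return {"ipsec": None, "cleartext": True, "spi": None,
            "next_header": proto, "payload": body}

def ipv4(proto: int, body: bytes) -> bytes:
    """Constructed sample packet: minimal IPv4 header, checksum left at zero."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, 64,
                       proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + body

# Constructed samples: one TCP SYN header carried under AH and under null-ESP.
TCP = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 0x50, 0x02, 1024, 0, 0)
ICV = bytes(12)  # placeholder 96-bit ICV; the monitor does not verify it
AH_PACKET = ipv4(51, struct.pack("!BBHII", 6, 4, 0, 0x1000, 1) + ICV + TCP)
ESP_NULL_PACKET = ipv4(50, struct.pack("!II", 0x2000, 1) + TCP
                       + bytes([1, 2, 2, 6]) + ICV)
```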



