[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Deprecation of AH header from the IPSEC tool kit

To: Michael Richardson <mcr@solidum.com>
Subject: Re: Deprecation of AH header from the IPSEC tool kit
From: itojun@iijlab.net
Date: Thu, 15 Jun 2000 08:51:48 +0900
cc: Michael Thomas <mat@cisco.com>, ipsec@lists.tislabs.com
In-reply-to: mcr's message of Wed, 14 Jun 2000 19:34:05 -0400. <200006142334.TAA24904@solidum.com>
Sender: owner-ipsec@lists.tislabs.com

>  Assume that Steve Bellovin has ocnvinced everyone that all current IPv6
>extension headers to not benefit from AH, or carry information that could
>be independantly verified from info stored in the SA-table. (e.g. legitimate
>source addresses, pointers to PCBs). i.e. there is no current reason to
>have AH vs ESP in IPv6. 

	the observation is incorrect.  there are extension headers that
	require protection from AH: mobile-ip6 headers like binding update.

itojun

Follow-Ups:

Re: Deprecation of AH header from the IPSEC tool kit

From: Michael Richardson <mcr@solidum.com>

References:

Re: Deprecation of AH header from the IPSEC tool kit

From: Michael Richardson <mcr@solidum.com>

Prev by Date: Re: Deprecation of AH header from the IPSEC tool kit
Next by Date: Re: Deprecation of AH header from the IPSEC tool kit
Prev by thread: Re: Deprecation of AH header from the IPSEC tool kit
Next by thread: Re: Deprecation of AH header from the IPSEC tool kit
Index(es):
- Main
- Thread