[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Isis-wg] Re: Deprecation of AH header from the IPSEC tool kit

To: rja@inet.org, pkoning@xedia.com
Subject: Re: [Isis-wg] Re: Deprecation of AH header from the IPSEC tool kit
From: Radia Perlman - Boston Center for Networking <Radia.Perlman@East.Sun.COM>
Date: Mon, 19 Jun 2000 19:26:38 -0400 (EDT)
Cc: OSPF@DISCUSS.MICROSOFT.COM, ipsec@lists.tislabs.com, isis-wg@juniper.net
Reply-To: Radia Perlman - Boston Center for Networking <Radia.Perlman@East.Sun.COM>
Sender: owner-ipsec@lists.tislabs.com

Ran, another basic question...

What's the threat solved by authenticating the source route header
at intermediate points? What would be the problem if a packet
showed up at the destination, not having traversed the route
you wanted? I'm assuming you're not trying to solve the confidentiality
problem by making sure that the packet stays in "friendly" parts of the
net, and therefore doesn't need encryption, but if it took a different
route it would need encryption.

Radia

Follow-Ups:

Re: Deprecation of AH header from the IPSEC tool kit

From: RJ Atkinson <rja@inet.org>

Prev by Date: overcomplicated framework for multicast security without real value
Next by Date: Re: [Isis-wg] Re: Deprecation of AH header from the IPSEC tool kit
Prev by thread: Re: [Isis-wg] Re: Deprecation of AH header from the IPSEC tool kit
Next by thread: Re: Deprecation of AH header from the IPSEC tool kit
Index(es):
- Main
- Thread