[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Does ESP do Data Origin Authentication ...
Hi,
I am a newbie to the whole concept of IP-Sec, so please excuse me if I my
question is naive.
In RFC2401,Sec 3.2, ESP is defined as a protocol that in addition to other
things can provide data origin authentication. In RFC2406, in Sec 3.1, I
find that ESP can authenticate everything in the packet except the IP
header. However, in tunnel mode, since the packet is tunneled, so ESP can
authenticate the original IP header but not the new IP header.
So, when we say that ESP provides data origin authentication, the
statement is applicable only for tunnel mode and not for transport mode.
Is my understanding of this concept correct or did I miss something?
Thanks,
-Dinesh
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
Share information about yourself, create your own public profile at
http://profiles.msn.com.
Follow-Ups: