
Re: TOS copying considered harmful



Joe,

>Stephen Kent wrote:
>  >
>  > Joe,
>  >
>  > I agree with Henry here.  We have security issues that influence
>  > whether, when, and how we copy data between the red and black IP
>  > headers, in tunnel mode. 2003 is not attuned to the issues, nor
>  > should it be.
>  >
>  > In the rewrite of 2401, we will try to do a much better job of
>  > describing these mappings, and the rationale behind each.  We didn't
>  > get all of them right last time and will try to do better this time
>  > around.
>
>Would it not be preferable to get those issues in to 2003bis, in one
>place?
>(they _are_ security considerations).
>
>(I'm not proposing to omit the changes, just to roll them, and their
>protocol implications, into 2003bis)

The security issues surrounding mapping of header fields are relevant
only if one is encrypting the tunneled packet, so I don't understand
why 2003bis would want to include this info.  Could you clarify?

Thanks,

Steve


