Re: TOS copying considered harmful
Joe,
>Stephen Kent wrote:
> >
> > Joe,
> >
> > I agree with Henry here. We have security issues that influence
> > whether, when, and how we copy data between the red and black IP
> > headers, in tunnel mode. 2003 is not attuned to the issues, nor
> > should it be.
> >
> > In the rewrite of 2401, we will try to do a much better job of
> > describing these mappings, and the rationale behind each. We didn't
> > get all of them right last time and will try to do better this time
> > around.
>
>Would it not be preferable to get those issues in to 2003bis, in one
>place?
>(they _are_ security considerations).
>
>(I'm not proposing to omit the changes, just to roll them, and their
>protocol implications, into 2003bis)
The security issues surrounding mapping of header fields are relevant
only if one is encrypting the tunneled packet, so I don't understand
why 2003bis would want to include this info. Could you clarify?
Thanks,
Steve