
RE: TOS copying considered harmful



> -----Original Message-----
> From: owner-ipsec@lists.tislabs.com
> [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of Joe Touch
> Sent: Friday, September 15, 2000 11:56 PM
> To: Stephen Kent
> Cc: IP Security List; touch@ISI.EDU
> Subject: Re: TOS copying considered harmful
[...]
> 
> > the security issues surrounding mapping of header fields are relevant
> > only if one is encrypting the tunneled packet, so I don't understand
> > why 2003bis would want to include this info.  Could you clarify?
> 
> (warning - potential heresy to follow :-)
> 
> IPSEC may not be the only protocol for encrypting IP packets.
> 
> 2003bis should refer to the general idea that, if the interior payload
> is otherwise encrypted, then there are security considerations to
> copying certain bits, rather than fixing their value.
> Joe

Hmm, since ESP encapsulation will be applied *after* IPIP encapsulation,
I think that it should be the ESP encapsulation's decision what to do
with the outer TOS field.

Svenning

