[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: who does ESP padding > 8 bytes ?
-----BEGIN PGP SIGNED MESSAGE-----
On Thu, Sep 28, 2000 at 10:22:30AM -0400, Jerome Etienne wrote:
> On Wed, Sep 27, 2000 at 02:13:24PM -0700, William Dixon wrote:
> > Does anyone have an IPSec implementation w/IKE that inserts greater than
> > 8 bytes of ESP padding. I'm aware of two that use up to 8, but none
> > that use more than 8.
>
> why this implementation limit of 8 when the protocol maximum is 255 ?
For some time, I have been considering padding to a random 8-byte
boundary between 0 and 255 to thwart traffic analysis... I'll take
this to the FreeS/WAN list...
William, please don't break things by assuming nobody uses more than
8. It is in the spec for a reason...
slainte mhath, RGB
- --
Richard Guy Briggs -- PGP key available Auto-Free Ottawa! Canada
<www.conscoop.ottawa.on.ca/rgb/> <www.flora.org/afo/>
Prevent Internet Wiretapping! -- FreeS/WAN:<www.freeswan.org>
Thanks for voting Green! -- <green.ca> Marillion:<www.marillion.co.uk>
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv
iQCVAwUBOdNj/d+sBuIhFagtAQEM4AP+O45eIUsOinCocLZRlWT3uZ8Lc1tzUkiC
MtjKVTH+6oK8m7cFHwTsSxllnqVw3/YTk78q0ye7M8EI5BUbM6mgGszhaeBP68n5
Qilk2skA8W46LgxXWIPnIK/ayCiqTdldo9rbGU9h7dF0xzfBcVfpujLe/hcAaDRo
1oFMJqSX1hY=
=MThW
-----END PGP SIGNATURE-----
References: