Re: Increased sequence number in ESP/AH

[Stephen Kent <kent@bbn.com>]

At 4:02 PM -0500 1/23/01, Andrea Colegrove wrote:
>Steve,
>     How does this address freshness (anti-replay)?
>
>     Is this intended only as a useful feature for high-speed devices that may
>need additional SA lifetime?
>
>--- Andrea Colegrove

The extended sequence number is made part of the integrity check, 
e.g., by virtually appending it to the payload, so that anti-replay 
is still offered to an SA that makes use of the extended sequence 
numbers.

Steve

---

References:

• Increased sequence number in ESP/AH
• From: "Costo, Avi" <avi.costo@intel.com>
• Re: Increased sequence number in ESP/AH
• From: Stephen Kent <kent@bbn.com>
• Re: Increased sequence number in ESP/AH
• From: Andrea Colegrove <acc@columbia.sparta.com>

---

• Prev by Date: Re: Increased sequence number in ESP/AH
• Next by Date: Re: Increased sequence number in ESP/AH
• Prev by thread: Re: Increased sequence number in ESP/AH
• Next by thread: Re: Increased sequence number in ESP/AH
• Index(es):
  • Main
  • Thread