Re: Death to AH (was Re: SA identification)
Sandy,
>Pekka Nikander wrote:
>>
>> ... I know, most of this has been discussed to death before,
>> but for me the exact reason for killing AH seems unclear.
>
>One set of reasons is given in the Schneier and Ferguson analysis at:
>http://www.counterpane.com/ipsec.pdf
>
>I'd say several of their recommendations were absolute no-brainers:
>
>1) eliminate transport mode
>2) eliminate AH
>3) make authentication mandatory for ESP
>5) remove the weak key checks; just don't use algorithms where weak
>keys are a risk
>
>In my view, we should just do all of these.
I assume you have not followed the discussions on this list over the
last 12 months, where we have extensively discussed some of these
issues. The paper you cite has many good points, but it is not
written from the perspective of folks who are IP or network experts.
Some of the proposals that you consider "absolute no-brainers" do not
have widespread support in the WG, for good technical reasons.
Steve