Re: Death to AH (was Re: SA identification)

[daw@mozart.cs.berkeley.edu (David Wagner)]

Bill Sommerfeld  wrote:
>In the case of multicast SA's, AH's checksum over the IP source
>address protects the ip source address from tampering.

I promised myself I wouldn't get into the "Death to AH" argument, but...
Could you elaborate?  I can see only two cases:

- Multicast where multiple sources share the same SA:
    If so, the AH MAC doesn't help, because each of the sources 
    can spoof each other.
- Multicast where only a single source can use that SA:
    If so, the AH MAC is unnecessary, because the SA should be associated
    (at the receiver) with a single source IP address, and receivers could
    simply ignore the source IP address from the packet and overwrite it with
    the source IP address negotiated securely when the SA was formed.

In addition, all receivers who can verify the correctness of the AH
MAC can forge valid MAC's, so I don't see how the MAC over the IP source
address is buying you anything.  Where did I go wrong?

---

Follow-Ups:

• Re: Death to AH (was Re: SA identification)
• From: Bill Sommerfeld <sommerfeld@East.Sun.COM>
• Re: Death to AH (was Re: SA identification)
• From: Jun-ichiro itojun Hagino <itojun@iijlab.net>

References:

• Re: Death to AH (was Re: SA identification)
• From: Bill Sommerfeld <sommerfeld@East.Sun.COM>

---

• Prev by Date: Re: Two issues: AH death, and SA identification
• Next by Date: Re: Death to AH (was Re: SA identification)
• Prev by thread: Re: Death to AH (was Re: SA identification)
• Next by thread: Re: Death to AH (was Re: SA identification)
• Index(es):
  • Main
  • Thread