[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-ipsec-esp-v3-01.txt: extended sequence number

To: Jun-ichiro itojun Hagino <itojun@iijlab.net>
Subject: Re: draft-ietf-ipsec-esp-v3-01.txt: extended sequence number
From: Stephen Kent <kent@bbn.com>
Date: Mon, 7 Jan 2002 10:17:19 -0500
Cc: ipsec@lists.tislabs.com
In-Reply-To: <20020107062456.EC19B7BA@starfruit.itojun.org>
References: <20020107062456.EC19B7BA@starfruit.itojun.org>
Sender: owner-ipsec@lists.tislabs.com

itojun,

>	I've got some question regarding to extended sequence number documented
>	in ESPv3 (01 draft).  clarification is appreciated.
>
>	In section 2.2.1, it is mentioned that higher 32bit of extended
>	sequence number is included in ICV.  If this is the case, I guess
>	the use of extended sequence number MUST be negotiated by SA management
>	protocol (instead of "SHOULD" in 01) as the use of extended sequence
>	number changes the wire packet format used for ICV computation.
>	if one end uses extended sequence number and the other doesn't, they
>	will compute ICV differently.
>
>	packet diagram in section 2 seems a little bit confusing with respect
>	to extended sequence number case (sequence number in the diagram has
>	only 32bits).
>
>itojun

You are correct that both ends must know when this feature is used 
for an SA.  We said "SHOULD" vs. "MUST" in case someone wanted to go 
with manual configuration of this feature, but I would prefer MUST if 
the WG concurs.

Figure 2 shows a bits-on-the-wire format, and so it is appropriate to 
illustrate a 32-bit sequence number there.

Steve

References:
- draft-ietf-ipsec-esp-v3-01.txt: extended sequence number
  - From: Jun-ichiro itojun Hagino <itojun@iijlab.net>

Prev by Date: [ A problem ]
Next by Date: ANNOUNCE: NDSS'02 Early Registration Deadlines Approaching
Prev by thread: draft-ietf-ipsec-esp-v3-01.txt: extended sequence number
Next by thread: [ A problem ]
Index(es):
- Date
- Thread