
Re: IPsec and RSVP



Derek Atkins writes:
 > "Hannes Tschofenig" <Hannes.Tschofenig@mchp.siemens.de> writes:
 > 
 > > hi
 > > 
 > > what speaks against applying ipsec hop-by-hop (whereby a hop is a rsvp
 > > capable router)?
 > 
 > You lose the authentication of the end-point requesting the
 > reservation.  If you use ipsec in this way, then each router
 > knows its peer, but you have no transitive authentication.
 > The only protection you get is protection of on-the-wire
 > request.  You have no protection against a corrupt router
 > along the path, or indeed no way to know what the actual
 > original request was.

Derek,

There are two different forms of crypto needed for
RSVP: a hop-by-hop integrity object and a policy
object. IPsec could in theory replace the
integrity object, but cannot replace the policy
object. Considering that there is no key
distribution for the hop-by-hop integrity objects,
IPsec might not be a bad choice in some
situations.

		   Mike
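The distinction the two replies draw (hop-by-hop protection, whether IPsec between neighbouring RSVP routers or the hop-by-hop integrity object, versus an end-to-end authenticated policy object) can be made concrete with a small simulation. The following is an added example written for this page; it is not code from the thread, not an RSVP implementation, and does not use the RSVP wire format. It assumes a toy path host -> R1 -> R2 -> R3, a constructed symmetric key per adjacency standing in for an IPsec SA or INTEGRITY-object key, a constructed key E2E_KEY shared only between the host and the policy node R3, and HMAC-SHA256 in place of both mechanisms. The names originate, forward, hop_protect, hop_verify and policy_check are all hypothetical.

```python
"""Added example (not from the thread): why hop-by-hop protection alone
cannot detect a corrupt router rewriting an RSVP request, while an
end-to-end authenticated policy object can.

Toy model and assumptions (not the real RSVP encoding):
  - path host -> R1 -> R2 -> R3, R3 acting as the policy node;
  - HOP_KEYS: one constructed key per adjacency (stands in for an IPsec
    SA or the hop-by-hop INTEGRITY key between neighbours);
  - E2E_KEY: a constructed key shared only by the host and R3, used to
    authenticate the policy object end to end;
  - HMAC-SHA256 stands in for both protection mechanisms.
"""
import hashlib
import hmac
import json
from copy import deepcopy

HOP_KEYS = {  # constructed keys, one per adjacency
    ("host", "R1"): b"k-host-r1",
    ("R1", "R2"): b"k-r1-r2",
    ("R2", "R3"): b"k-r2-r3",
}
E2E_KEY = b"k-host-policy"  # constructed; known to host and R3 only
PATH = ["host", "R1", "R2", "R3"]


def canon(obj):
    """Canonical bytes of a JSON-able object, so MACs are reproducible."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def mac(key, obj):
    return hmac.new(key, canon(obj), hashlib.sha256).hexdigest()


def originate(sender, rate_kbps):
    """Host builds a Path-like request: the flowspec it wants, plus a policy
    object restating that request, authenticated with the end-to-end key."""
    policy = {"user": sender, "tspec": {"rate_kbps": rate_kbps}}
    return {
        "sender": sender,
        "tspec": {"rate_kbps": rate_kbps},
        "policy": policy,
        "policy_mac": mac(E2E_KEY, policy),
    }


def hop_protect(msg, src, dst):
    """What a hop-by-hop mechanism adds: a MAC over the whole message under
    the src-dst adjacency key. Only the next hop can check it."""
    return {"msg": msg, "hop_mac": mac(HOP_KEYS[(src, dst)], msg)}


def hop_verify(pkt, src, dst):
    return hmac.compare_digest(pkt["hop_mac"], mac(HOP_KEYS[(src, dst)], pkt["msg"]))


def forward(path, msg, corrupt=None):
    """Forward msg along path. Each router verifies the previous hop's MAC
    and re-protects the message for the next hop. `corrupt` is an optional
    (router_name, mutator) pair: that router rewrites the message before
    re-protecting it, which no downstream hop-by-hop check can notice."""
    pkt = hop_protect(msg, path[0], path[1])
    for i in range(1, len(path) - 1):
        prev, here, nxt = path[i - 1], path[i], path[i + 1]
        if not hop_verify(pkt, prev, here):
            raise ValueError(f"{here}: hop-by-hop check failed from {prev}")
        m = deepcopy(pkt["msg"])
        if corrupt and corrupt[0] == here:
            corrupt[1](m)  # the corrupt router alters the request
        pkt = hop_protect(m, here, nxt)
    if not hop_verify(pkt, path[-2], path[-1]):
        raise ValueError(f"{path[-1]}: hop-by-hop check failed")
    return pkt["msg"]  # what the last node actually receives


def policy_check(msg):
    """Policy node: verify the end-to-end MAC, then check that the flowspec
    in the message is the one the originator actually asked for."""
    if not hmac.compare_digest(msg["policy_mac"], mac(E2E_KEY, msg["policy"])):
        return "reject: policy object forged or altered"
    if msg["tspec"] != msg["policy"]["tspec"]:
        return "reject: flowspec differs from authenticated request"
    return "accept"


def honest():
    return policy_check(forward(PATH, originate("alice", 512)))


def inflate_tspec():
    """R2 bumps the reservation; every hop-by-hop MAC still verifies, so
    only the end-to-end comparison catches it."""
    def bump(m):
        m["tspec"]["rate_kbps"] = 100_000
    return policy_check(forward(PATH, originate("alice", 512), ("R2", bump)))


def forge_policy():
    """R2 also rewrites the policy object, but has no E2E_KEY to re-MAC it."""
    def rewrite(m):
        m["tspec"]["rate_kbps"] = 100_000
        m["policy"]["tspec"]["rate_kbps"] = 100_000
    return policy_check(forward(PATH, originate("alice", 512), ("R2", rewrite)))


if __name__ == "__main__":
    for f in (honest, inflate_tspec, forge_policy):
        print(f"{f.__name__:14s} -> {f()}")
```

In the honest run both checks pass. When R2 inflates the flowspec, forward() completes without error because each router only ever checks its own neighbour, which is the point made in the quoted reply: the hop-by-hop mechanism says nothing about what the original request was. The policy node detects the change only because it holds a key R2 does not, which is the role the policy object plays and the reason IPsec between neighbours cannot substitute for it.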