[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: draft-ietf-ipsec-ciph-aes-ctr-00.txt






> On Fri, 23 Aug 2002, Waterhouse, Richard wrote:
> > The FEC has to be external to ESP for it to prevent authentication
> failure
> > at the ESP level. But I'm unaware of any provision within IP for FECs.
> Where
> > would one apply such an FEC in the protocol stack at the transmitting
> ESP
> > host/gateway that will make it through to the recipient ESP
> host/gateway?
> 
Henry Spencer replied
> The "noisy environment" is a link-level problem, not an IP-level problem,
> so it can be, should be, and is, solved with FEC at the link level.  That
> is the right approach for a number of reasons, not least the need to
> tailor the FEC to the characteristics of the noise environment. 
> 
>>> In an ideal world this would be true. But in the real world there are a
lot of networks (e.g., radio and wireless) where non-trivial noise is still
seen by the higher layers. Therefore, even though it's not ideal,
applications that need to run in such environments have to do FEC/CRC
end-to-end. And they can't do it if the data carried in the packets is
discarded, and not passed up, because of an ESP level authentication
function.

> By the way, the reason for making authentication a MUST is that there are
> effective active attacks against confidentiality without it.  You don't
> *get* reliable confidentiality without authentication. 
> 
>>> This should be a security policy issue to be negotiated. If I have other
mechanisms at higher layers that can compensate, I should be able to set my
policy to negotiate AES CTR without authentication.