[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: padding in ESP
At 12:28 PM +0530 11/15/02, Lokesh wrote:
>Hi all
>One questions each on ESP and AH protocols:
>
>1] why do we need to adjust ESP packet size by padding to be aligned
>to 4 byte boundary in case of
>null encryption? can we bypass padding for null encryption?
>
>2] AH RFC says ICV can be of variable size, and is normally taken as
>12 bytes, in case if someone
>wants > 12 bytes of ICV how he/she can intimate other party of new
>size of the ICV?
>
>Thanks
>Lokesh
The ICV follows the end of the data that is nominally encrypted
(i.e., the NEXT field in ESP). We want the ICV aligned on a 4-byte
boundary for ease of access, hence the requirement for the padding to
be used even in the case of NULL encryption.
Steve