[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (in)security of ESP with header compression
Henry Spencer writes:
> On Wed, 16 Apr 2003, David Mcgrew wrote:
> > >...[IPComp] the key is that there is no inter-packet state...
> >
> > That makes sense. For the record, the IPCOMP definition concerns
> > inter-packet state, it says that "each IP datagram is compressed and
> > decompressed by itself without any relation to other datagrams".
>
> And in fact, a careful reading of the specification tells you that this is
> a bit mis-stated: compression implementations are not just permitted but
> encouraged to keep inter-packet state, e.g. to decide whether it is worth
> trying to compress the next packet. It's *decompression*, and only
> decompression, which must not keep inter-packet state. (And that is both
> necessary and sufficient to make IPComp robust against loss or reordering
> of packets.)
Well, I dunno what difference it makes because ROHC is
pretty stateful on both sides...
Mike