[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Isis-wg] Re: Deprecation of AH header from the IPSEC tool kit

To: Paul Koning <pkoning@xxxxxxxxx>
Subject: Re: [Isis-wg] Re: Deprecation of AH header from the IPSEC tool kit
From: Stephen Kent <kent@xxxxxxx>
Date: Mon, 19 Jun 2000 15:09:30 -0400
Cc: rja@xxxxxxxx, OSPF@xxxxxxxxxxxxxxxxxxxxx, ipsec@xxxxxxxxxxxxxxxxx, isis-wg@xxxxxxxxxxx
In-reply-to: <>
References: <><><4.2.0.58.20000619132241.00981f00@avarice.inner.net><>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

Paul,

The following text is from 2402:

3.2 Authentication Algorithms

The authentication algorithm employed for the ICV computation is
specified by the SA. For point-to-point communication, suitable
authentication algorithms include keyed Message Authentication Codes
(MACs) based on symmetric encryption algorithms (e.g., DES) or on
one-way hash functions (e.g., MD5 or SHA-1). For multicast
communication, one-way hash algorithms combined with asymmetric
signature algorithms are appropriate, though performance and space
considerations currently preclude use of such algorithms.

So, there is explicit mention of the potential use of digital signatures with AH.

Steve

References:
- Re: Deprecation of AH header from the IPSEC tool kit
  - From: Radia Perlman
- Re: [Isis-wg] Re: Deprecation of AH header from the IPSEC tool kit
  - From: RJ Atkinson
- Re: [Isis-wg] Re: Deprecation of AH header from the IPSEC tool kit
  - From: Paul Koning

Prev by Date: Re: [Isis-wg] Re: Deprecation of AH header from the IPSEC tool kit
Next by Date: Next Bakeoff (fwd)
Previous by thread: Re: [Isis-wg] Re: Deprecation of AH header from the IPSEC tool kit
Next by thread: Re: [Isis-wg] Re: Deprecation of AH header from the IPSEC tool kit
Index(es):
- Date
- Thread