[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: question on ESPbis, Sec. 2.1

To: Mark Baugher <mbaugher@xxxxxxxxx>
Subject: Re: question on ESPbis, Sec. 2.1
From: Stephen Kent <kent@xxxxxxx>
Date: Fri, 24 Jan 2003 12:58:49 -0500
Cc: ipsec@xxxxxxxxxxxxxxxxx
In-reply-to: <>
References: <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

At 9:30 AM -0800 1/23/03, Mark Baugher wrote:

Steve http://www.ietf.org/internet-drafts/draft-ietf-ipsec-esp-v3-03.txt uses the protocol id (ESP or AH) as part of the SA lookup as an option. I don't understand why it is needed in either the unicast or the multicast cases.

Mark

Mark,

Your are right, it is not necessary in either case. But, for backwards compatibility, and because it is a local matter for the receiver, we don't preclude a receiver from using the protocol type if it wishes.

Under what circumstances do you envision that a sender might be confused by the possibility that two SAs to the same destination might have the same SPI and be differentiated only by including the protocol field in the lookup? A sender does not uses these values in its lookup of an SAD entry, so I didn't see how this would cause a problem.

Steve

References:
- question on ESPbis, Sec. 2.1
  - From: Mark Baugher

Prev by Date: Re: question on ESPbis, Sec. 2.1
Next by Date: Re: Secure legacy authentication for IKEv2
Previous by thread: Re: question on ESPbis, Sec. 2.1
Next by thread: I-D ACTION:draft-ietf-ipsec-ciph-aes-ccm-00.txt
Index(es):
- Date
- Thread