[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: AH and mutable fields, how deep to look?

To: itojun@xxxxxxxxxx (Jun-ichiro itojun Hagino)
Subject: Re: AH and mutable fields, how deep to look?
From: Stephen Kent <kent@xxxxxxx>
Date: Fri, 12 Dec 2003 09:42:21 -0500
Cc: ipsec@xxxxxxxxxxxxxxxxx
In-reply-to: <>
References: <> <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

> To make it clear, perhaps change the graphics into (not too happy with

this, but):

       ------------------------------------------------------------
 IPv6  |             |hop-by-hop, dest*, |    | dest |     |      |
       |orig IP hdr  |routing, fragment. | AH | opt* | TCP | Data |
       ------------------------------------------------------------
       |<-- mutable fields processing -->/////<--immutable------->|
       |<---- authenticated except for mutable fields ----------->|


	this is important, when implementing multiple AH on a packet
	(crazy example but possible, and we had interop problem in Connectathon
	between KAME and Solaris)

itojun

I'm not sure I understand your comment. Are you saying that the diagram above is right and handles nested AH instances as you would like, or that it is not right?

Steve

Follow-Ups:
- Re: AH and mutable fields, how deep to look?
  - From: Jun-ichiro itojun Hagino

References:
- Re: AH and mutable fields, how deep to look?
  - From: Markku Savela
- Re: AH and mutable fields, how deep to look?
  - From: Jun-ichiro itojun Hagino

Prev by Date: Re: AH and mutable fields, how deep to look?
Next by Date: Re: AH and mutable fields, how deep to look?
Previous by thread: Re: AH and mutable fields, how deep to look?
Next by thread: Re: AH and mutable fields, how deep to look?
Index(es):
- Date
- Thread