[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposed changes to ESP (andf a little AH too)

To: "Theodore Y. Ts'o" <tytso@xxxxxxx>
Subject: Re: Proposed changes to ESP (andf a little AH too)
From: Stephen Kent <kent@xxxxxxx>
Date: Fri, 21 Mar 1997 18:23:44 -0500
Cc: ipsec@xxxxxxx
In-reply-to: <>
References: Stephen Kent's message of Fri, 21 Mar 1997 14:10:11 -0500,<>
Sender: owner-ipsec@xxxxxxxxxx

Ted,

	Even for transport mode ESP, the proposed swap of fields only
exposes the packet counters, nothing else that was not expose before.  The
SPIs are equally visible in both cases, as are the soure and destination
addresses and the IP packet IDs. Together, these pieces of data provide me
with enough info to do a good job of TA, exclusive of the counter info.
So, I'm not sure that I understand why you feel that the exposure of the
packet counters represents much of an aid to traffic analysis.

Steve

Follow-Ups:
- Re: Proposed changes to ESP (andf a little AH too)
  - From: Robert Moskowitz
- Re: Proposed changes to ESP (andf a little AH too)
  - From: Theodore Y. Ts'o

References:
- Proposed changes to ESP (andf a little AH too)
  - From: Stephen Kent
- Re: Proposed changes to ESP (andf a little AH too)
  - From: Theodore Y. Ts'o

Prev by Date: Re: Proposed changes to ESP (andf a little AH too)
Next by Date: Re: Proposed changes to ESP (andf a little AH too)
Previous by thread: Re: Proposed changes to ESP (andf a little AH too)
Next by thread: Re: Proposed changes to ESP (andf a little AH too)
Index(es):
- Date
- Thread