Re: Review of draft-manral-ipsec-rfc4305-bis-errata-02.txt
Russ Housley <housley@vigilsec.com> Mon, 11 December 2006 22:30 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gttfh-0006jA-Ly; Mon, 11 Dec 2006 17:30:53 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Gttfg-0006ik-Gk for ietf@ietf.org; Mon, 11 Dec 2006 17:30:52 -0500
Received: from woodstock.binhost.com ([66.150.120.2]) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1Gttff-0005tj-8S for ietf@ietf.org; Mon, 11 Dec 2006 17:30:52 -0500
Received: (qmail 2394 invoked by uid 0); 11 Dec 2006 22:30:44 -0000
Received: from unknown (HELO THINKPADR52.vigilsec.com) (71.246.224.157) by woodstock.binhost.com with SMTP; 11 Dec 2006 22:30:44 -0000
Message-Id: <7.0.0.16.2.20061211172844.042844d8@vigilsec.com>
X-Mailer: QUALCOMM Windows Eudora Version 7.0.0.16
Date: Mon, 11 Dec 2006 17:30:26 -0500
To: Nicolas Williams <Nicolas.Williams@sun.com>, Vishwas Manral <vishwas@ipinfusion.com>
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <20061211211932.GA26175@binky.Central.Sun.COM>
References: <20061211155532.GB26832@binky.Central.Sun.COM> <457DC1E2.30206@ipinfusion.com> <20061211211932.GA26175@binky.Central.Sun.COM>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 08170828343bcf1325e4a0fb4584481c
Cc: secdir@mit.edu, iesg@ietf.org, ietf@ietf.org
Subject: Re: Review of draft-manral-ipsec-rfc4305-bis-errata-02.txt
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Errors-To: ietf-bounces@ietf.org
Nico: >Use of the NULL ESP algorithm implies no confidentiality protection, >while use of the NULL AH algorithm implies no integrity protection >(unless combined mode ESP algorithms are used). And in general we want >IPsec used to provide integrity or confidentiality+integrity protection, >but not really just confidentiality protection. I generally agree with your point. Integrity protection is important, but I am not sure that this is the document to drive this point. We have seen NULL encryption and NULL integrity algorithms are very useful for debugging. Russ _______________________________________________ Ietf mailing list Ietf@ietf.org https://www1.ietf.org/mailman/listinfo/ietf
- Review of draft-manral-ipsec-rfc4305-bis-errata-0… Nicolas Williams
- Re: Review of draft-manral-ipsec-rfc4305-bis-erra… Steven M. Bellovin
- Re: Review of draft-manral-ipsec-rfc4305-bis-erra… Nicolas Williams
- Re: Review of draft-manral-ipsec-rfc4305-bis-erra… Russ Housley
- Re: [secdir] Review of draft-manral-ipsec-rfc4305… Nicolas Williams
- Re: [secdir] Review of draft-manral-ipsec-rfc4305… Jeffrey Hutzelman
- Re: Review of draft-manral-ipsec-rfc4305-bis-erra… Vishwas Manral
- Re: [secdir] Review of draft-manral-ipsec-rfc4305… Nicolas Williams
- Re: [secdir] Review of draft-manral-ipsec-rfc4305… Nicolas Williams