RE: replay field size straw poll
Stephen Kent <kent@bbn.com> Tue, 11 February 1997 20:34 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id PAA19741 for ipsec-outgoing; Tue, 11 Feb 1997 15:34:01 -0500 (EST)
X-Sender: kent@po1.bbn.com
Message-Id: <v03007801af267ca0d15a@[128.33.229.235]>
In-Reply-To: <199702111417.JAA10584@argon.ncsc.mil>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Tue, 11 Feb 1997 14:50:39 -0500
To: dpkemp@missi.ncsc.mil
From: Stephen Kent <kent@bbn.com>
Subject: RE: replay field size straw poll
Cc: ipsec@tis.com
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
David, I concurr with all three of your points re anti-replay field size and hash size. I'd also like to add the observation that I think we will have errors in implementations of the anti-replay windows, because of the need for the modular arithmetic (since we are not starting the counters at 0 or 1). So, having a single size counter for both AH and ESP may further minimize the time it will take to get the bugs out of this code. As editor for the AH and ESP specs, based on the traffic I've seen this last 2 weeks, I'm planing to go with 32-bit counters for both and to assume that the HMAC value will be 128 bits, to help resolve the alignment problem. If there are strong objections to this tact, I'd like to hear by 2/14. Steve
- RE: replay field size straw poll David P. Kemp
- RE: replay field size straw poll Stephen Kent
- Re: replay field size straw poll Steven M. Bellovin
- RE: replay field size straw poll Robert Glenn
- RE: replay field size straw poll Naganand Doraswamy
- RE: replay field size straw poll Rob Adams
- Re: replay field size straw poll Stephen Kent
- RE: replay field size straw poll Luis A. Sanchez
- RE: replay field size straw poll wei