Re: replay field size
Matt Thomas <thomas@lkg.dec.com> Mon, 10 February 1997 13:55 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id IAA08699 for ipsec-outgoing; Mon, 10 Feb 1997 08:55:42 -0500 (EST)
Message-Id: <3.0.32.19970208220940.00695cc8@netrix.lkg.dec.com>
X-Sender: mthomas@netrix.lkg.dec.com
X-Mailer: Windows Eudora Pro Version 3.0 Demo (32)
Date: Sat, 08 Feb 1997 22:10:27 -0500
To: Derrell Piper <piper@tgv.com>
From: Matt Thomas <thomas@lkg.dec.com>
Subject: Re: replay field size
Cc: ipsec@tis.com
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
At 04:44 PM 2/8/97 -0800, Derrell Piper wrote: >There was clear consensus at the ANX IPSEC bakeoff last week to make the >size of the replay field 32-bits for both AH and ESP. If we _must_ have >alignment for IPv4 IPSEC then the additional bits should be specified as >alignment. No one wants to do 64-bit math for replay computation. It's >silly. In my opinion, IPv4 is misaligned for 64-bit hardware anyway and I >don't see the point of aligning the fields just to keep the protocol >consistent with IPv6. IPv6 headers need to be 8-byte aligned. Thus AH header must be a multiple of 8-bytes in length. For IPv4, a multiple of 4-bytes is fine. The AH data doesn't have to be 8-byte aligned. [The destination option header comes after the AH and can contain options that require 8-byte alignment]. >I don't think this issue needs the Security AD to resolve. I think we >already have consensus. Let's hear now from anyone who absolutely must >have 64 bits or else move to revise AH and ESP to reflect consensus. We >have much more interesting things to argue about. All I want is that the AH header in IPv6 packets to be a multiple of 8-bytes in length. A 32-bit replay field is fine. I don't even care where the padding is (it would be nice if it were in a standard place), just that it exists. Matt Thomas Internet: matt@lkg.dec.com UNIX Networking WWW URL: http://ftp.digital.com/%7Ethomas/ Digital Equipment Corporation Disclaimer: This message reflects my own Littleton, MA warped views, etc.
- RE: replay field size Roy Shamir
- RE: replay field size Michael J. Oehler
- Re: replay field size Niels Ferguson
- replay field size Derrell Piper
- Re: replay field size Matt Thomas
- RE: replay field size Roy Pereira
- RE: replay field size Ran Atkinson
- RE: replay field size Roy Pereira
- Re: replay field size Tim Bass (IETF)
- RE: replay field size Rob Adams
- Re: replay field size Dan McDonald
- RE: replay field size Ran Atkinson
- Re: replay field size Robert Glenn
- RE: replay field size Roy Pereira
- RE: replay field size Dan McDonald
- Re: replay field size Germano Caronni
- Re: replay field size John Keating
- Re: replay field size Derrell Piper
- Re: replay field size Ran Atkinson
- Re: replay field size wei
- RE: replay field size Stephen Kent
- Re: replay field size Matt Thomas
- RE: replay field size Phil Karn
- Re: replay field size Theodore Y. Ts'o
- Re: replay field size Perry E. Metzger
- Re: replay field size Niels Ferguson
- Re: replay field size Bill Sommerfeld
- Re: replay field size Theodore Y. Ts'o
- Re: replay field size Uri Blumenthal
- RE: replay field size Bob Monsour
- RE: replay field size Stephen Kent
- RE: replay field size Stephen Kent
- Re: replay field size Stephen Kent
- Re: replay field size Stephen Kent
- Re: replay field size Ran Atkinson
- Re: replay field size Steven Bellovin
- Re: replay field size Ran Atkinson
- Re: replay field size Jim Thompson
- Re: replay field size Bart Preneel