Re: AH (without ESP) on a secure gateway
Steven Bellovin <smb@research.att.com> Wed, 04 December 1996 04:57 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id XAA25468 for ipsec-outgoing; Tue, 3 Dec 1996 23:57:34 -0500 (EST)
Message-Id: <199612040458.XAA18260@raptor.research.att.com>
To: Stephen Kent <kent@bbn.com>
cc: Michael Richardson <mcr@sandelman.ottawa.on.ca>, ipsec@tis.com
Subject: Re: AH (without ESP) on a secure gateway
Date: Tue, 03 Dec 1996 23:58:30 -0500
From: Steven Bellovin <smb@research.att.com>
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
You mention early in your message the key issue, which is the focus of this debate. I maintained that it makes sense to use AH between a pair of firewalls ONLY if the header is applied to a tunneled SA. Once we agree on that, the rest ought to be easy. The disagreement has been on whether it is appropriate to have two (or more) instances of AH without an intervening IP header. We have seen several messages now arguing why this is not an appropriate header sequence, including your message to which I am responding. So, I don't disagree with the examples you cited. It's very clear to me that firewall-to-firewall IPSEC -- whether it's ESP or AH -- should be done *only* in tunnel mode. To do otherwise is inviting trouble. In fact, I had thought that was what was done -- no other possibility had occurred to me. There's a second issue that has come up here -- how does one know which the right firewall is? This is one of the points I raised at the last IETF meeting; in my opinion, it's very closely related to the naming issue and the certificate issue, and we haven't really tackled either of those. (See ftp://ftp.research.att.com/dist/smb/ipsec-cert.ps for the (few) slides I used.)
- AH (without ESP) on a secure gateway Whelan, Bill
- Re: AH (without ESP) on a secure gateway Michael Richardson
- Re: AH (without ESP) on a secure gateway Michael Richardson
- Re: AH (without ESP) on a secure gateway pau
- Re: AH (without ESP) on a secure gateway Stephen Kent
- Re[2]: AH (without ESP) on a secure gateway Whelan, Bill
- Re: AH (without ESP) on a secure gateway William Allen Simpson
- Re: AH (without ESP) on a secure gateway Michael Richardson
- Re: AH (without ESP) on a secure gateway David P. Kemp
- Re: Re[2]: AH (without ESP) on a secure gateway Ran Atkinson
- Re: AH (without ESP) on a secure gateway Michael Richardson
- Re: AH (without ESP) on a secure gateway Daniel Harkins
- Re: AH (without ESP) on a secure gateway Hilarie Orman
- Re[2]: AH (without ESP) on a secure gateway Whelan, Bill
- Re: Re[2]: AH (without ESP) on a secure gateway Bill Sommerfeld
- Re[4]: AH (without ESP) on a secure gateway Whelan, Bill
- Re: Re[4]: AH (without ESP) on a secure gateway Bill Sommerfeld
- Re[4]: AH (without ESP) on a secure gateway Karl Fox
- Re[5]: AH (without ESP) on a secure gateway Whelan, Bill
- Re: AH (without ESP) on a secure gateway Stephen Kent
- Re[2]: AH (without ESP) on a secure gateway Stephen Kent
- Re: AH (without ESP) on a secure gateway Stephen Kent
- Re[5]: AH (without ESP) on a secure gateway Stephen Kent
- Re: AH (without ESP) on a secure gateway Michael Richardson
- Re: Re[5]: AH (without ESP) on a secure gateway Bob Monsour
- Re: AH (without ESP) on a secure gateway Stephen Kent
- Re: Re[5]: AH (without ESP) on a secure gateway Stephen Kent
- Re: AH (without ESP) on a secure gateway Steven Bellovin
- Re[2]: AH (without ESP) on a secure gateway Whelan, Bill
- Re: AH (without ESP) on a secure gateway Brian McKenney
- Re: AH (without ESP) on a secure gateway Perry E. Metzger
- Re[2]: AH (without ESP) on a secure gateway Stephen Kent
- Re[2]: AH (without ESP) on a secure gateway Brian McKenney
- Re: AH (without ESP) on a secure gateway Ran Atkinson
- Re: Re[5]: AH (without ESP) on a secure gateway Ran Atkinson
- Re: AH (without ESP) on a secure gateway Bill Sommerfeld
- Re: Re[2]: AH (without ESP) on a secure gateway Uri Blumenthal
- Re: AH (without ESP) on a secure gateway Daniel Harkins
- Re: Re[2]: AH (without ESP) on a secure gateway Naganand Doraswamy
- Re: AH (without ESP) on a secure gateway Steven Bellovin
- Re: AH (without ESP) on a secure gateway Steven Bellovin
- Re: Re[2]: AH (without ESP) on a secure gateway Stephen Kent
- Re: Re[2]: AH (without ESP) on a secure gateway Dan Frommer