IETF Logo Mail Archive

Re: [IPsec] WESP - Roadmap Ahead

Daniel Migault <mglt.ietf@gmail.com> Thu, 12 November 2009 05:44 UTC

Return-Path: <mglt.ietf@gmail.com>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 839CD3A687B for <ipsec@core3.amsl.com>; Wed, 11 Nov 2009 21:44:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.561
X-Spam-Level:
X-Spam-Status: No, score=-2.561 tagged_above=-999 required=5 tests=[AWL=0.037, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ws1XDu1L2YHq for <ipsec@core3.amsl.com>; Wed, 11 Nov 2009 21:44:12 -0800 (PST)
Received: from mail-fx0-f215.google.com (mail-fx0-f215.google.com [209.85.220.215]) by core3.amsl.com (Postfix) with ESMTP id 2076D3A6B7C for <ipsec@ietf.org>; Wed, 11 Nov 2009 21:44:02 -0800 (PST)
Received: by fxm7 with SMTP id 7so1854495fxm.29 for <ipsec@ietf.org>; Wed, 11 Nov 2009 21:44:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=kF2FJouZ3Esk01Dupyn63nyCF2TFG/5U1ZMZnv2p9TQ=; b=HK6vKUqlMGyzvz8o1CUYQg5mH1qPX59qvJB7n+xtjEEl7yD2JzHp75dG5uLOUIVCmc gejaj5izjBABxhwFMSIa96O0qaDKc0HqP4WNHf+0nQ9bCQ6DIqnMXVvogIqkzP7M3hse GcGuxJ2oyxZUdsrVHtZGzkG3QPdUrru1pn4XI=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=H9t9EMc+GIEPka6fG1OWZsib0jwb7xW7IOF2xJhFqTe91do8QS4Ndym4761woexKLi XX/VyoF0dAm1GeyGxLp0yEjbLL+REQzseKJ3tT/eCAWn6QRB3RiV3GZ5qw9QfUhROsY6 TdbhlghnyHBUXXDCqSrGjwjUAwwjGvUtqAbas=
MIME-Version: 1.0
Received: by 10.103.50.28 with SMTP id c28mr812459muk.17.1258004667258; Wed, 11 Nov 2009 21:44:27 -0800 (PST)
In-Reply-To: <dc8fd0140911112030y46aa24f9hf3715d57446e96c0@mail.gmail.com>
References: <dc8fd0140911110805q67759507t6cf75a1e9d81c5aa@mail.gmail.com> <p06240800c720d4538dd2@133.93.112.234> <p0624080ac7212e67c860@133.93.16.246> <8CCEE8E4-9AC4-46FB-93E4-FE61E0135EB7@doubleshotsecurity.com> <p0624080ec7213743dc05@133.93.16.246> <dc8fd0140911112030y46aa24f9hf3715d57446e96c0@mail.gmail.com>
Date: Thu, 12 Nov 2009 06:44:27 +0100
Message-ID: <51eafbcb0911112144u6e25b826w4ec8110d1f73e652@mail.gmail.com>
From: Daniel Migault <mglt.ietf@gmail.com>
To: Jack Kohn <kohn.jack@gmail.com>
Content-Type: multipart/alternative; boundary="0016e65ae21251591504782609de"
Cc: "ipsec@ietf.org" <ipsec@ietf.org>, "Bhatia, Manav (Manav)" <manav.bhatia@alcatel-lucent.com>, Stephen Kent <kent@bbn.com>, Merike Kaeo <merike@doubleshotsecurity.com>
Subject: Re: [IPsec] WESP - Roadmap Ahead
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Nov 2009 05:44:13 -0000

On Thu, Nov 12, 2009 at 5:30 AM, Jack Kohn <kohn.jack@gmail.com> wrote:

> >
> > Whoops, I was wrong. I looked at 4552 and they do cite ESP-NULL (although
> > they never refer to it that way) as a MUST, and AH as a MAY.
>
> Ok, so can we work on deprecating AH? This way new standards defined
> in other WGs dont have to provide support for AH.
>
>
AH is a security feature we need to keep for header authentication. Other WG
may chose not to deal with AH and only consider ESP. I don't see what's
wrong with that?

 Regards

Daniel
-- 
Daniel Migault
Orange Labs -- Security
+33 6 70 72 69 58

v2.23.0 | Report a Bug | By Email