Your questions

"srinivasrao.kulkarni" <srinu@trinc.com> Mon, 19 January 1998 16:21 UTC

Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id LAA06592 for ipsec-outgoing; Mon, 19 Jan 1998 11:21:52 -0500 (EST)
Message-Id: <3.0.1.32.19980119190024.006946a0@192.9.200.10>
X-Sender: srinu@192.9.200.10
X-Mailer: Windows Eudora Light Version 3.0.1 (32)
Date: Mon, 19 Jan 1998 19:00:24 +0500
To: ipsec@tis.com
From: "srinivasrao.kulkarni" <srinu@trinc.com>
Subject: Your questions
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-ipsec@ex.tis.com
Precedence: bulk

Hi All,

I have some questions regarding
"draft-ietf-ipsec-esp-v2-02.txt November 1997".
As far as I know, if any header contains a variable length of data then it
will have a field for the length of that variable field. But I found that
in the case of the ESP header there is no field that gives the payload length
and authdata length, whereas the AH header has payload len. From the payload
length, the authdata length can be determined easily. Is it that the length
field is missing in the ESP header format or is it not part of the header?

And one more thing is that pad length is given for the padding field which
is also of variable length. Assuming that the datagram has been read into a
buffer, how can we access the ESP trailer in it since the authentication
data which succeeds the ESP trailer and the payload data and padding which
precede the trailer are both variable length fields?

It was said w.r.t draft-ietf-ipsec-auth-hmac-sha196-01.txt Nov 1997

HMAC-SHA-1-96 produces a 160-bit authenticator value.  This 160-bit
value can be truncated as described in RFC2104.  For use with either
ESP or AH, a truncated value using the first 96 bits MUST be
supported.  Upon sending, the truncated value is stored within the
authenticator field.  Upon receipt, the entire 160-bit value is
computed and the first 96 bits are compared to the value stored in
the authenticator field.  No other authenticator value lengths are
supported by HMAC-SHA-1-96.
  
My question is how does the receiver know whether the authdata is truncated
or not, i.e. is it 96-bit or 160-bit, without specifying the length in the ESP
header?

Than 'Q'

Yours Sincerely
SrinivasRao. B. Kulkarni                             
Rendezvous On Chip Pvt Ltd.
First Floor, Plot No. 14,
NewVasaviNagar, Kharkhana,
SECUNDERABAD - 500019.
Ph : (040)7742606
email address : srinu@trinc.com
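
An added example, not part of the original message or of either draft: a receiver that finds the ESP trailer by counting back from the end of the buffer, taking the authenticator length from the security association selected by the SPI rather than from a length field in the packet. It assumes the payload is already decrypted (or null encryption is in use); `SAD`, `build_esp`, `parse_esp`, the SPI and the key are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed SA table: the SPI selects the key and the authenticator length.
# HMAC-SHA-1-96 always carries the first 96 bits (12 bytes) of the 160-bit value.
SAD = {0x1000: {"key": b"\x0b" * 20, "icv_len": 12}}


def build_esp(spi, seq, payload, next_header, sad):
    """Sender: pad so the trailer ends on a 4-byte boundary, then append the ICV."""
    sa = sad[spi]
    pad_len = -(len(payload) + 2) % 4
    padding = bytes(range(1, pad_len + 1))  # constructed padding bytes 1, 2, 3, ...
    body = struct.pack("!II", spi, seq) + payload + padding + bytes([pad_len, next_header])
    # The full 160-bit HMAC is computed; only the first icv_len bytes are sent.
    icv = hmac.new(sa["key"], body, hashlib.sha1).digest()[:sa["icv_len"]]
    return body + icv


def parse_esp(packet, sad):
    """Receiver: SPI -> SA -> ICV length -> trailer position -> payload."""
    if len(packet) < 8:
        raise ValueError("too short for SPI and sequence number")
    spi, seq = struct.unpack("!II", packet[:8])  # fixed offsets, always readable
    sa = sad.get(spi)
    if sa is None:
        raise ValueError("no SA for this SPI")
    icv_len = sa["icv_len"]
    if len(packet) < 8 + 2 + icv_len:
        raise ValueError("too short for trailer and ICV")
    body, icv = packet[:-icv_len], packet[-icv_len:]
    # Recompute the whole 160-bit value, compare only the truncated part.
    expected = hmac.new(sa["key"], body, hashlib.sha1).digest()[:icv_len]
    if not hmac.compare_digest(expected, icv):
        raise ValueError("ICV mismatch")
    # The trailer is the last two bytes before the ICV: pad length, next header.
    pad_len, next_header = body[-2], body[-1]
    if pad_len > len(body) - 8 - 2:
        raise ValueError("pad length exceeds packet")
    payload = body[8:len(body) - 2 - pad_len]
    return spi, seq, payload, next_header


if __name__ == "__main__":
    pkt = build_esp(0x1000, 1, b"hello", 6, SAD)  # constructed sample packet
    print(parse_esp(pkt, SAD))
```

The ICV is checked before the pad length byte is trusted, so a corrupted trailer is rejected before it is used to compute the payload boundary.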