replay field size

Derrell Piper <piper@tgv.com> Sun, 09 February 1997 00:52 UTC

Received: from cnri by ietf.org id aa03366; 8 Feb 97 19:52 EST
Received: from portal.ex.tis.com by CNRI.Reston.VA.US id aa17786; 8 Feb 97 19:52 EST
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id TAA28943 for ipsec-outgoing; Sat, 8 Feb 1997 19:40:41 -0500 (EST)
Message-Id: <199702090044.QAA04984@fluffy.cisco.com>
To: ipsec@tis.com
Subject: replay field size
Date: Sat, 08 Feb 1997 16:44:44 -0800
From: Derrell Piper <piper@tgv.com>
Sender: owner-ipsec@ex.tis.com
Precedence: bulk

There was clear consensus at the ANX IPSEC bakeoff last week to make the
size of the replay field 32-bits for both AH and ESP.  If we _must_ have
alignment for IPv4 IPSEC then the additional bits should be specified as
alignment.  No one wants to do 64-bit math for replay computation.  It's
silly.  In my opinion, IPv4 is misaligned for 64-bit hardware anyway and I
don't see the point of aligning the fields just to keep the protocol
consistent with IPv6.

I don't think this issue needs the Security AD to resolve.  I think we
already have consensus.  Let's hear now from anyone who absolutely must
have 64 bits or else move to revise AH and ESP to reflect consensus.  We
have much more interesting things to argue about.

Derrell