Re: draft-ietf-ipsec-ciph-des-derived-00
Norman Shulman <norm@tor.securecomputing.com> Wed, 23 July 1997 14:29 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id KAA13546 for ipsec-outgoing; Wed, 23 Jul 1997 10:29:14 -0400 (EDT)
Date: Wed, 23 Jul 1997 10:31:12 -0400
From: Norman Shulman <norm@tor.securecomputing.com>
X-Sender: norm@rafael.tornd.securecomputing.com
To: William Allen Simpson <wsimpson@greendragon.com>
cc: ipsec@tis.com
Subject: Re: draft-ietf-ipsec-ciph-des-derived-00
In-Reply-To: <6311.wsimpson@greendragon.com>
Message-Id: <97Jul23.102628edt.11654@janus.tor.securecomputing.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
On Wed, 23 Jul 1997, William Allen Simpson wrote: > > Page 6, Pad Values, Range: Should be 1 to 255. > > > No, please read in context. The value is the _configured_ maximum > amount of padding to generate and check. Zero (0) means no checking. > For DES, when checking is enabled, the required value is 7, generating > and checking 0-7 bytes of padding. More than 7 are allowed. Therefore, > the configuration range is 7 to 255. > > This section was designed to complement the text that the WG asked to be > added to the ESP draft. I will check the ESP draft to ensure that it > includes the necessary explanation. Since there are really two independent attributes here, I propose replacing this parameter with the following two: Pad Checking New implementations use verifiable values. However, some earlier implementations used pseudo-random values. This check must only be used with those peers that have implemented this feature. Default: 0 (checking off). Range: 0 to 1 (checking on). Maximum Pad Length Some operations desire additional padding to inhibit traffic analysis. Default: 7. Range: 7 to 255. Norm Norman Shulman Secure Computing Canada Systems Developer Tel 1 416 813 2075 norm@tor.securecomputing.com Fax 1 416 813 2001
- draft-ietf-ipsec-ciph-des-derived-00 Norman Shulman
- Re: draft-ietf-ipsec-ciph-des-derived-00 William Allen Simpson
- Re: draft-ietf-ipsec-ciph-des-derived-00 Norman Shulman