Re: AH (without ESP) on a secure gateway
Michael Richardson <mcr@sandelman.ottawa.on.ca> Wed, 04 December 1996 18:00 UTC
Received: from cnri by ietf.org id aa16442; 4 Dec 96 13:00 EST
Received: from portal.ex.tis.com by CNRI.Reston.VA.US id aa15196; 4 Dec 96 13:00 EST
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id MAA27029 for ipsec-outgoing; Wed, 4 Dec 1996 12:48:12 -0500 (EST)
Message-Id: <199612041750.MAA00147@amaterasu.sandelman.ottawa.on.ca>
To: ipsec@tis.com
Subject: Re: AH (without ESP) on a secure gateway
In-reply-to: Your message of "Tue, 03 Dec 1996 18:17:41 EST." <v0300780caeca64224f60@[128.33.229.242]>
Date: Wed, 04 Dec 1996 12:50:15 -0500
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
-----BEGIN PGP SIGNED MESSAGE----- >>>>> "Stephen" == Stephen Kent <kent@bbn.com> writes: Stephen> is the focus of this debate. I maintained that it makes Stephen> sense to use AH between a pair of firewalls ONLY if the Stephen> header is applied to a tunneled SA. Once we agree on Stephen> that, the rest ought to be easy. The disagreement has I thought we *DID* agree to that over the summer. ... i just spent some time slurping through the IPsec archives. Ick why aren't they at least in Mailbox or digest format? Argh. Please see http://www.sandelman.ottawa.on.ca/ipsec/maillist.html for a MHonArc version of Jan-Sept. Chairs, if you'd like the mbox format it is there as ipsec.960?.mbox, or the perl script to produce them from what is there, 'toDigest.pl' is also in that directory. Unless requested, I won't be leaving the stuff there, it is large, and I'm on a single 64k B-channel. ... well I give up. Even after looking through things in thread mode, I couldn't find anything. Maybe it says this in the RFCs somewhere. I was sure that AH could not be used except as IP-AH-IP-AH was said sometime ago. Maybe it was said in 1995? :!mcr!: | Network security consulting and Michael Richardson | contract programming WWW: <A HREF="http://www.sandelman.ottawa.on.ca/People/Michael_Richardson/Bio.html">mcr@sandelman.ottawa.on.ca</A>. PGP key available. -----BEGIN PGP SIGNATURE----- Version: 2.6.2i iQBVAwUBMqW5y9TTll4efmtZAQEKJwIAqzkujHGhuWruCNHffG4xGWDYOeR0eJS6 LqsIxyEuTuKeGsBA0TekP2Vo1ITowaywHl3noZJa9/IB6PMX+b135Q== =8JIP -----END PGP SIGNATURE-----
- AH (without ESP) on a secure gateway Whelan, Bill
- Re: AH (without ESP) on a secure gateway Michael Richardson
- Re: AH (without ESP) on a secure gateway Michael Richardson
- Re: AH (without ESP) on a secure gateway pau
- Re: AH (without ESP) on a secure gateway Stephen Kent
- Re[2]: AH (without ESP) on a secure gateway Whelan, Bill
- Re: AH (without ESP) on a secure gateway William Allen Simpson
- Re: AH (without ESP) on a secure gateway Michael Richardson
- Re: AH (without ESP) on a secure gateway David P. Kemp
- Re: Re[2]: AH (without ESP) on a secure gateway Ran Atkinson
- Re: AH (without ESP) on a secure gateway Michael Richardson
- Re: AH (without ESP) on a secure gateway Daniel Harkins
- Re: AH (without ESP) on a secure gateway Hilarie Orman
- Re[2]: AH (without ESP) on a secure gateway Whelan, Bill
- Re: Re[2]: AH (without ESP) on a secure gateway Bill Sommerfeld
- Re[4]: AH (without ESP) on a secure gateway Whelan, Bill
- Re: Re[4]: AH (without ESP) on a secure gateway Bill Sommerfeld
- Re[4]: AH (without ESP) on a secure gateway Karl Fox
- Re[5]: AH (without ESP) on a secure gateway Whelan, Bill
- Re: AH (without ESP) on a secure gateway Stephen Kent
- Re[2]: AH (without ESP) on a secure gateway Stephen Kent
- Re: AH (without ESP) on a secure gateway Stephen Kent
- Re[5]: AH (without ESP) on a secure gateway Stephen Kent
- Re: AH (without ESP) on a secure gateway Michael Richardson
- Re: Re[5]: AH (without ESP) on a secure gateway Bob Monsour
- Re: AH (without ESP) on a secure gateway Stephen Kent
- Re: Re[5]: AH (without ESP) on a secure gateway Stephen Kent
- Re: AH (without ESP) on a secure gateway Steven Bellovin
- Re[2]: AH (without ESP) on a secure gateway Whelan, Bill
- Re: AH (without ESP) on a secure gateway Brian McKenney
- Re: AH (without ESP) on a secure gateway Perry E. Metzger
- Re[2]: AH (without ESP) on a secure gateway Stephen Kent
- Re[2]: AH (without ESP) on a secure gateway Brian McKenney
- Re: AH (without ESP) on a secure gateway Ran Atkinson
- Re: Re[5]: AH (without ESP) on a secure gateway Ran Atkinson
- Re: AH (without ESP) on a secure gateway Bill Sommerfeld
- Re: Re[2]: AH (without ESP) on a secure gateway Uri Blumenthal
- Re: AH (without ESP) on a secure gateway Daniel Harkins
- Re: Re[2]: AH (without ESP) on a secure gateway Naganand Doraswamy
- Re: AH (without ESP) on a secure gateway Steven Bellovin
- Re: AH (without ESP) on a secure gateway Steven Bellovin
- Re: Re[2]: AH (without ESP) on a secure gateway Stephen Kent
- Re: Re[2]: AH (without ESP) on a secure gateway Dan Frommer