Re: "user" and "network layer" security. reply to respondents.
"M.C.Nelson" <netsec@panix.com> Fri, 30 August 1996 13:56 UTC
Received: from relay.hq.tis.com by neptune.TIS.COM id aa22783; 30 Aug 96 9:56 EDT
Received: by relay.hq.tis.com; id JAA11235; Fri, 30 Aug 1996 09:59:35 -0400
Received: from sol.hq.tis.com(10.33.1.100) by relay.tis.com via smap (V3.1.1) id xma011228; Fri, 30 Aug 96 09:59:06 -0400
Received: from relay.hq.tis.com by tis.com (4.1/SUN-5.64) id AA11044; Fri, 30 Aug 96 09:58:24 EDT
Received: by relay.hq.tis.com; id JAA11222; Fri, 30 Aug 1996 09:59:04 -0400
Received: from panix.com(198.7.0.2) by relay.tis.com via smap (V3.1.1) id xma011218; Fri, 30 Aug 96 09:58:51 -0400
Received: (from netsec@localhost) by panix.com (8.7.5/8.7/PanixU1.3) id JAA28291; Fri, 30 Aug 1996 09:59:50 -0400 (EDT)
Date: Fri, 30 Aug 1996 09:59:49 -0400
From: "M.C.Nelson" <netsec@panix.com>
To: Bill Sommerfeld <sommerfeld@apollo.hp.com>
Cc: nelson@mcn.netsec.com, PALAMBER@us.oracle.com, ipsec@TIS.COM
Subject: Re: "user" and "network layer" security. reply to respondents.
In-Reply-To: <199608291915.PAA00215@thunk.orchard.medford.ma.us>
Message-Id: <Pine.SUN.3.91.960830095654.26224C-100000@panix.com>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: ipsec-approval@neptune.tis.com
Precedence: bulk
Bill, The transport layer doesn't have "user" either. Adding a "user" concept in a new layer between the transport and network layer still breaks the network architecture. Regards, Mitch Nelson netsec@panix.com On Thu, 29 Aug 1996, Bill Sommerfeld wrote: > Another way of looking at ipsec is that the transforms are really a > layer *in between* network and transport. > > You're not so much adding a "user" concept at the network layer as > adding a new layer next to the transport layer, which already has a > concept of "user". > > - Bill > Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ;, tis.com@TIS.COM Cc: ipsec@TIS.COM From: Internet-Drafts@ietf.org Reply-To: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-ipsec-ah-hmac-md5-02.txt Date: Fri, 30 Aug 1996 09:41:20 -0400 Message-Id: <9608300941.aa18298@ietf.org> Sender: ipsec-approval@neptune.tis.com Precedence: bulk --NextPart A Revised Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IP Security Protocol Working Group of the IETF. Note: This revision reflects comments received during the last call period. Title : HMAC-MD5 IP Authentication with Replay Prevention Author(s) : M. Oehler, R. Glenn Filename : draft-ietf-ipsec-ah-hmac-md5-02.txt Pages : 7 Date : 08/29/1996 This document describes a keyed-MD5 transform to be used in conjunction with the IP Authentication Header [RFC-1826]. The particular transform is based on [HMAC-MD5]. An option is also specified to guard against replay attacks. Internet-Drafts are available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-ipsec-ah-hmac-md5-02.txt". A URL for the Internet-Draft is: ftp://ds.internic.net/internet-drafts/draft-ietf-ipsec-ah-hmac-md5-02.txt Internet-Drafts directories are located at: o Africa Address: ftp.is.co.za (196.4.160.8) o Europe Address: nic.nordu.net (192.36.148.17) Address: ftp.nis.garr.it (193.205.245.10) o Pacific Rim Address: munnari.oz.au (128.250.1.21) o US East Coast Address: ds.internic.net (198.49.45.10) o US West Coast Address: ftp.isi.edu (128.9.0.32) Internet-Drafts are also available by mail. Send a message to: mailserv@ds.internic.net. In the body type: "FILE /internet-drafts/draft-ietf-ipsec-ah-hmac-md5-02.txt". NOTE: The mail server at ds.internic.net can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e., documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. For questions, please mail to Internet-Drafts@ietf.org Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ds.internic.net" Content-Type: text/plain Content-ID: <19960829163925.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-ipsec-ah-hmac-md5-02.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-ipsec-ah-hmac-md5-02.txt"; site="ds.internic.net"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <19960829163925.I-D@ietf.org> --OtherAccess-- --NextPart--
- "user" and "network layer" security. reply to res… Mitchell C. Nelson
- Re: "user" and "network layer" security. reply to… PALAMBER.US.ORACLE.COM
- Re: "user" and "network layer" security. reply to… Bill Sommerfeld
- Re: "user" and "network layer" security. reply to… M.C.Nelson
- Re: "user" and "network layer" security. reply to… C. Harald Koch
- Re: "user" and "network layer" security. reply to… M.C.Nelson