Re: [IPsec] Updated ESP/AH algorithm I-D
Stephen Kent <kent@bbn.com> Tue, 12 March 2013 17:05 UTC
Return-Path: <kent@bbn.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C95A21F8A6B for <ipsec@ietfa.amsl.com>; Tue, 12 Mar 2013 10:05:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.599
X-Spam-Level:
X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KIDc78XqKD-U for <ipsec@ietfa.amsl.com>; Tue, 12 Mar 2013 10:05:02 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) by ietfa.amsl.com (Postfix) with ESMTP id A3D3721F8A48 for <ipsec@ietf.org>; Tue, 12 Mar 2013 10:05:02 -0700 (PDT)
Received: from dommiel.bbn.com ([192.1.122.15]:45766 helo=dhcp-1067.meeting.ietf.org) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1UFSdJ-000DnA-8s; Tue, 12 Mar 2013 13:05:01 -0400
Message-ID: <513F603C.1030007@bbn.com>
Date: Tue, 12 Mar 2013 13:05:00 -0400
From: Stephen Kent <kent@bbn.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/20130307 Thunderbird/17.0.4
MIME-Version: 1.0
To: ipsec@ietf.org, sheila.frankel@nist.gov
References: <D7A0423E5E193F40BE6E94126930C4930BFB6145E1@MBCLUSTER.xchange.nist.gov>, <513F4516.8080905@bbn.com> <D7A0423E5E193F40BE6E94126930C4930BFB6145E5@MBCLUSTER.xchange.nist.gov>
In-Reply-To: <D7A0423E5E193F40BE6E94126930C4930BFB6145E5@MBCLUSTER.xchange.nist.gov>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [IPsec] Updated ESP/AH algorithm I-D
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2013 17:05:03 -0000
Sheila, I understood your point. I objected to your statement that other IPsec RFC were sloppy in the use of security service/mechanism terminology. Steve > Steve, > > Perhaps I wasn't clear in the main thrust of my message. I'm not quibbling about terminology; I'm concerned that the I-D is lacking some vital information. The I-D discusses 2 services provided by ESP and AH: confidentiality and data origin authentication. My point was that the 2nd service includes connectionless integrity protection as well - which is not identical to data origin authentication - and therefore integrity protection should be mentioned in the I-D. > > Sheila >
- [IPsec] Updated ESP/AH algorithm I-D Frankel, Sheila E.
- Re: [IPsec] Updated ESP/AH algorithm I-D Stephen Kent
- Re: [IPsec] Updated ESP/AH algorithm I-D Frankel, Sheila E.
- Re: [IPsec] Updated ESP/AH algorithm I-D Stephen Kent
- Re: [IPsec] Updated ESP/AH algorithm I-D Frankel, Sheila E.
- Re: [IPsec] Updated ESP/AH algorithm I-D David McGrew (mcgrew)