Re: [IPsec] WESP and reliability

Jack Kohn <kohn.jack@gmail.com> Wed, 04 January 2012 23:56 UTC

To: Yaron Sheffer <yaronf.ietf@gmail.com>
Cc: IPsec ME WG List <ipsec@ietf.org>, RJ Atkinson <rja.lists@gmail.com>

> method (RFC 5879)? Or else is there anything missing in WESP that we
> should pay attention to, for example, maybe it doesn't support specific
> IV or ICV sizes that those non IETF-goers are using?

This stumped me for some time and I went back to read RFC 5840.

The HdrLen in the WESP header will always point to the start of the
unencrypted payload for the devices to inspect. No matter what IV or
ICV size folks use, WESP will always work (contrary to claims made by
a few individuals on the list).

Jack
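
Added example, not part of the message above or of RFC 5840: a sketch of how an inspecting device can use HdrLen to find the unencrypted payload whatever the IV or ICV size. It assumes the RFC 5840 layout of a 4-octet WESP header (Next Header, HdrLen, TrailerLen, Flags) followed by the ESP header; the function names and sample packets are constructed for illustration.

```python
import struct

WESP_FIXED = 4   # Next Header, HdrLen, TrailerLen, Flags (one octet each)
ESP_FIXED = 8    # ESP SPI + Sequence Number
FLAG_E = 0x20    # Encrypted Payload bit (assumed position: |V V|E|P|Rsvd|)
FLAG_P = 0x10    # 4-octet WESP padding present


def locate_payload(pkt: bytes):
    """Return (next_header, payload_offset, icv_offset) for an integrity-only
    WESP packet, or None when the packet cannot be inspected."""
    if len(pkt) < WESP_FIXED:
        return None
    next_header, hdr_len, trailer_len, flags = struct.unpack_from("!BBBB", pkt)
    if flags >> 6 != 0 or flags & FLAG_E:
        return None  # unknown version, or payload is encrypted
    minimum = WESP_FIXED + ESP_FIXED + (4 if flags & FLAG_P else 0)
    # Reject lengths that point inside the fixed headers or past the packet.
    if hdr_len < minimum or hdr_len + trailer_len > len(pkt):
        return None
    return next_header, hdr_len, len(pkt) - trailer_len


def build_wesp(iv: bytes, icv_len: int, inner: bytes, next_header: int = 6):
    """Constructed sample: WESP + ESP-NULL packet with a chosen IV and ICV size.
    The ICV is zero-filled; no integrity check is computed here."""
    pad = bytes(range(1, (-(len(inner) + 2)) % 4 + 1))  # ESP 4-octet alignment
    esp_trailer = pad + bytes([len(pad), next_header])
    hdr_len = WESP_FIXED + ESP_FIXED + len(iv)
    wesp = struct.pack("!BBBB", next_header, hdr_len, icv_len, 0)
    esp = struct.pack("!II", 0x1000, 1) + iv  # constructed SPI and sequence
    return wesp + esp + inner + esp_trailer + bytes(icv_len)


if __name__ == "__main__":
    inner = b"constructed inner payload"
    # (no IV, 12-octet ICV) and (8-octet IV, 16-octet ICV)
    for iv, icv_len in ((b"", 12), (bytes(8), 16)):
        pkt = build_wesp(iv, icv_len, inner)
        nh, off, icv_off = locate_payload(pkt)
        print(f"IV={len(iv)} ICV={icv_len}: payload at {off}, ICV at {icv_off}, "
              f"next header {nh}, starts with {pkt[off:off + 11]!r}")
```

The span between the two returned offsets still ends with the ESP trailer (padding, pad length, next header), which sits in front of the ICV.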