you really don't want to open this can of worms I suggest you
go read the archives of the IPsec mailing list over the last 9
years. That should give you some clue into the depth of the
can you plan to open...
-derek
martin f krafft [EMAIL PROTECTED] writes:
As far as I can tell, IPsec's
On 06/19/2003 01:49 PM, martin f krafft wrote:
As far as I can tell, IPsec's ESP has the functionality of
authentication and integrity built in:
It depends on what you mean by built in.
1) The RFC provides for ESP+authentication but
does not require ESP to use authentication.
2) Although
John S. Denker wrote:
On 06/19/2003 01:49 PM, martin f krafft wrote:
As far as I can tell, IPsec's ESP has the functionality of
authentication and integrity built in:
It depends on what you mean by built in.
1) The RFC provides for ESP+authentication but
does not require ESP to use
In message [EMAIL PROTECTED], martin f krafft writes
:
As far as I can tell, IPsec's ESP has the functionality of
authentication and integrity built in:
RFC 2406:
2.7 Authentication Data
The Authentication Data is a variable-length field containing an
Integrity Check Value (ICV)
As far as I can tell, IPsec's ESP has the functionality of
authentication and integrity built in:
RFC 2406:
2.7 Authentication Data
The Authentication Data is a variable-length field containing an
Integrity Check Value (ICV) computed over the ESP packet minus
the Authentication