All, Working primarily from the HTML diff, towards the end of Section 3, the draft -03 text says in part:
"The IPsec community generally prefers ESP with NULL encryption over AH, but AH is required in some protocols; further, AH is more appropriate when there are security-sensitive options in the IP header" The 1st part of this assumes that IP-layer options aren't in the packet (which most commonly is true) and that the deployment threat model does not consider option insertion attacks to be a major threat (a widely held belief for the commercial portions of the Internet). The 2nd part of this is vague, unclear, and a bit misleading. It could be read as indicating that ESP with NULL encryption is able to protect IP header options, but AH is preferred for that case. In fact, ESP is *NEVER CAPABLE* of (A) protecting IPv4 options or (B) of protecting IPv6 options that are seen & processed by intermediate systems (e.g. routers, security gateways, other middleboxes). ESP also NEVER can prevent option insertion attacks. Lastly, it is ALWAYS possible for an intermediate system (e.g. router with ACLs) to parse past the AH to see transport-layer headers, but even the best of the heuristics for parsing past an ESP header are not 100% reliable. [IMPORTANT NOTE: A previous employer of mine shipped IPv4/IPv6 routers with forwarding silicon that could parse AH and any other IPv4/IPv6 options - at wire-speed for 10 Gbps interfaces - 10 years ago. I am aware of 2 other very widely deployed implementations with the same ability to parse past AH to read TCP/UDP ports and apply ACLs at wire-speed. So this is a widely deployed capability, rather than theory. :-] We owe it to readers to be crisp, clear, complete, and accurate with the text in this draft. Candidate new text: "When no IPv4 options or IPv6 optional headers are present, and in environments without concerns about attacks based on option insertion (e.g. inserting a source routing header to facilitate pervasive eavesdropping), the IPsec community generally prefers ESP with NULL encryption over AH. However, some protocols require AH. Also, AH always protects all IPv4 options and IPv6 optional headers, while ESP NULL is unable to protect any IPv4 options or to protect IPv6 options that are seen & processed by intermediate systems (e.g. routers, security gateways, other middle-boxes). Some IP-layer options, for example IPSO [RFC-1108] and CALIPSO [RFC-5570], today are deployed in some environments while using AH to provide both integrity protection & authentication. Further, deployed routers from multiple vendors are able to parse past an AH header in order to read upper-layer protocol (e.g. TCP) header information (e.g. to apply port-based router ACLs) at wire-speed. By contrast, there is no 100% reliable way to parse past an ESP header, although some ESP header parsing heuristics have been documented [RFC-5879] that work in some cases. Yours, Ran Atkinson _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec