On Nov 14, 2009, at 8:28 PM, David Barak wrote:
> I've seen AH used as a "prove that this hasn't been through a NAT" mechanism.
> In this context, it's pretty much perfect.
>
> However, what I don't understand is where the dislike for it originates: if
> you don't like it, don't run it. It is useful in certain cases, and it's
> already in all of the production IPSec implementations. Why the hate?
There are two reasons. First, it's difficult to implement cleanly, since it
violates layering: you have to know the contents of the surrounding IP header
to calculate the AH field. Back when I was security AD, I had implementors,
especially implementors of on-NIC IPsec, beg me to get rid of it. Second, it's
redundant; if (as I believe), ESP with NULL encryption does everything useful
that AH does, why have two mechanisms?
--Steve Bellovin, http://www.cs.columbia.edu/~smb
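To make the layering point and the "has this been through a NAT" property concrete, the following is an added example, not code from either poster or from any IPsec implementation. It hand-builds IPv4+AH and IPv4+ESP-NULL packets with constructed addresses and a constructed shared key, assumes HMAC-SHA-256-128 as the integrity algorithm, and shows that the AH verifier must parse the outer IP header (zeroing the mutable fields) while the ESP verifier never touches it.

```python
import hmac, hashlib, struct

KEY = b"\x11" * 32        # constructed demo key, shared by sender and receiver
ICV_LEN = 16              # HMAC-SHA-256-128 (RFC 4868)
AH, ESP = 51, 50          # IP protocol numbers

def ipv4_header(src, dst, proto, total_len, ttl=64):
    """20-byte IPv4 header (checksum left zero; this demo never routes the packet)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, ttl, proto, 0, src, dst)

def ah_icv(packet):
    """RFC 4302: HMAC over the IP header with mutable fields zeroed, the AH header with its
    ICV zeroed, and everything after it. The verifier has to reach into the outer IP header."""
    p = bytearray(packet)
    p[1] = 0; p[6:8] = b"\0\0"; p[8] = 0; p[10:12] = b"\0\0"   # TOS, flags/frag, TTL, checksum
    p[32:32 + ICV_LEN] = bytes(ICV_LEN)                           # ICV field inside the AH header
    return hmac.new(KEY, bytes(p), hashlib.sha256).digest()[:ICV_LEN]

def esp_null_icv(packet):
    """RFC 4303 with NULL encryption: HMAC over ESP header, payload and trailer only;
    the outer IP header is not an input, so a NAT rewrite cannot disturb it."""
    return hmac.new(KEY, packet[20:-ICV_LEN], hashlib.sha256).digest()[:ICV_LEN]

def build_ah_packet(src, dst, payload):
    ah = struct.pack("!BBHII", 6, 5, 0, 0x1000, 1) + bytes(ICV_LEN)  # next=TCP, len=5 words, SPI, seq
    pkt = ipv4_header(src, dst, AH, 20 + len(ah) + len(payload)) + ah + payload
    return pkt[:32] + ah_icv(pkt) + pkt[32 + ICV_LEN:]

def build_esp_null_packet(src, dst, payload):
    esp = struct.pack("!II", 0x2000, 1)             # SPI, seq
    trailer = bytes([0, 0, 2, 6])                   # 2 pad bytes, pad length, next header = TCP
    body = esp + payload + trailer
    pkt = ipv4_header(src, dst, ESP, 20 + len(body) + ICV_LEN) + body + bytes(ICV_LEN)
    return pkt[:-ICV_LEN] + esp_null_icv(pkt)

def verify(packet):
    """Receiver-side check; True if the packet's ICV matches under the shared key."""
    if packet[9] == AH:
        return hmac.compare_digest(ah_icv(packet), packet[32:32 + ICV_LEN])
    return hmac.compare_digest(esp_null_icv(packet), packet[-ICV_LEN:])

def nat_source(packet, new_src):
    """Model a NAT: rewrite the source address (checksum not recomputed; it is zero here)."""
    return packet[:12] + new_src + packet[16:]

def decrement_ttl(packet):
    """Model a router hop: TTL is a mutable field, so AH must tolerate this change."""
    return packet[:8] + bytes([packet[8] - 1]) + packet[9:]
```

Running verify() on the two packets before and after nat_source() shows the asymmetry: the AH packet fails after the address rewrite but still verifies after decrement_ttl(), while the ESP-NULL packet verifies in both cases.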