On Nov 14, 2009, at 8:28 PM, David Barak wrote:
> I've seen AH used as a "prove that this hasn't been through a NAT" mechanism.
> In this context, it's pretty much perfect.
>
> However, what I don't understand is where the dislike for it originates: if
> you don't like it, don't run it. It is useful in certain cases, and it's
> already in all of the production IPSec implementations. Why the hate?
There are two reasons. First, it's difficult to implement cleanly, since it violates layering: you have to know the contents of the surrounding IP header to calculate the AH field. Back when I was security AD, I had implementors, especially implementors of on-NIC IPsec, beg me to get rid of it. Second, it's redundant; if (as I believe), ESP with NULL encryption does everything useful that AH does, why have two mechanisms?

--Steve Bellovin, http://www.cs.columbia.edu/~smb
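The two points in this exchange (AH's ICV reaches into the outer IP header, so a NAT breaks it, while ESP with NULL encryption covers only the ESP payload and so does not) can be made concrete. The following is an added illustration written for this page, not code from either poster or from any IPsec implementation. It builds minimal transport-mode IPv4 packets: AH framing per RFC 4302 (mutable IP header fields zeroed before the ICV is computed) and ESP framing per RFC 4303 with the NULL cipher of RFC 2410, both using HMAC-SHA1-96 (RFC 2404) for integrity. The key, addresses and payload are constructed, and replay windows, IP options, tunnel mode and IKE are all omitted.

```python
import hmac
import hashlib
import struct
from ipaddress import IPv4Address

# Constructed example key; a real SA would get this from IKE.
KEY = b"constructed-example-key-32bytes!"
PROTO_AH, PROTO_ESP, PROTO_UDP = 51, 50, 17
AH_LEN = 12 + 12  # fixed AH fields + 96-bit ICV


def ip_checksum(data):
    """Standard one's-complement IPv4 header checksum."""
    if len(data) % 2:
        data += b"\x00"
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return (~s) & 0xFFFF


def ipv4_header(src, dst, proto, total_len, ttl=64):
    """20-byte IPv4 header with no options, DF set, checksum filled in."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000,
                      ttl, proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]


def zero_mutable(ip_hdr):
    """RFC 4302 3.3.3.1.1: zero TOS, Flags/Fragment Offset, TTL and Header
    Checksum before computing the AH ICV. Addresses and Total Length are
    immutable and therefore stay covered; this is the layering violation."""
    h = bytearray(ip_hdr)
    h[1] = 0
    h[6:8] = b"\x00\x00"
    h[8] = 0
    h[10:12] = b"\x00\x00"
    return bytes(h)


def icv(data):
    """HMAC-SHA1-96: HMAC-SHA1 truncated to 12 bytes (RFC 2404)."""
    return hmac.new(KEY, data, hashlib.sha1).digest()[:12]


def build_ah_packet(src, dst, payload, spi=0x100, seq=1):
    ip_hdr = ipv4_header(src, dst, PROTO_AH, 20 + AH_LEN + len(payload))
    # Next Header, Payload Len (32-bit words minus 2), Reserved, SPI, Seq
    ah_fixed = struct.pack("!BBHII", PROTO_UDP, AH_LEN // 4 - 2, 0, spi, seq)
    tag = icv(zero_mutable(ip_hdr) + ah_fixed + b"\x00" * 12 + payload)
    return ip_hdr + ah_fixed + tag + payload


def verify_ah_packet(pkt):
    ip_hdr, ah, payload = pkt[:20], pkt[20:20 + AH_LEN], pkt[20 + AH_LEN:]
    expected = icv(zero_mutable(ip_hdr) + ah[:12] + b"\x00" * 12 + payload)
    return hmac.compare_digest(ah[12:24], expected)


def build_esp_null_packet(src, dst, payload, spi=0x200, seq=1):
    # RFC 4303: pad so that Pad Length + Next Header end on a 4-byte boundary.
    pad_len = (-(len(payload) + 2)) % 4
    body = (struct.pack("!II", spi, seq) + payload + bytes(range(1, pad_len + 1))
            + bytes([pad_len, PROTO_UDP]))
    tag = icv(body)  # ICV covers SPI through Next Header, never the IP header
    return ipv4_header(src, dst, PROTO_ESP, 20 + len(body) + 12) + body + tag


def verify_esp_null_packet(pkt):
    return hmac.compare_digest(pkt[-12:], icv(pkt[20:-12]))


def _refresh_checksum(h):
    h[10:12] = b"\x00\x00"
    h[10:12] = struct.pack("!H", ip_checksum(bytes(h)))
    return bytes(h)


def router_hop(pkt):
    """An ordinary router: decrement TTL, fix checksum. Both fields are mutable."""
    h = bytearray(pkt[:20])
    h[8] -= 1
    return _refresh_checksum(h) + pkt[20:]


def nat_rewrite_src(pkt, new_src):
    """A NAT: rewrite the source address (immutable under AH) and fix checksum."""
    h = bytearray(pkt[:20])
    h[12:16] = IPv4Address(new_src).packed
    return _refresh_checksum(h) + pkt[20:]


def demo():
    payload = b"constructed UDP payload"  # constructed sample inner datagram
    ah = build_ah_packet("10.0.0.1", "192.0.2.10", payload)
    esp = build_esp_null_packet("10.0.0.1", "192.0.2.10", payload)
    return {
        "ah_ok": verify_ah_packet(ah),
        "ah_after_hop": verify_ah_packet(router_hop(ah)),
        "ah_after_nat": verify_ah_packet(nat_rewrite_src(ah, "203.0.113.5")),
        "esp_ok": verify_esp_null_packet(esp),
        "esp_after_nat": verify_esp_null_packet(nat_rewrite_src(esp, "203.0.113.5")),
    }


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the asymmetry: the AH packet still verifies after a normal router hop (TTL and checksum are zeroed out of the ICV) but fails once a NAT rewrites the source address, which is exactly the "has this been through a NAT" property David Barak describes; the ESP-NULL ICV survives the same rewrite because it never looked at the IP header, which is the implementer's side of the layering argument. One caveat: the ESP integrity check surviving does not by itself mean ESP traverses NATs in practice, since a NAT has no port to map on a bare ESP packet; that problem is what UDP encapsulation (NAT-T) addresses, not the ICV.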