Steve,

In the WG discussion, we alluded to a security risk related to IPSEC tunnels. The risk is the following. Compare a typical VPN set-up that uses ESP:

<-- outer IPv6 header ->             <-- inner IPv6 packet, encrypted ->
+----+--------+--------+------------+----+--------+--------+ +------------
|    |        |        |            |    |        |        | |
|oNAF|  oSRC  | oDEST  | ESP header |iNAF|  iSRC  | iDEST  | | iPAYLOAD
|    |        |        |            |    |        |        | |
+----+--------+--------+------------+----+--------+--------+ +------------

Now, with the compression, we would in many cases be able to "compress" the source address, resulting in:

<-- outer IPv6 header ->             <-- inner IPv6 packet, encrypted ->
+----+--------+--------+------------+----+--------+ +------------
|    |        |        |            |    |        | |
|oNAF|  oSRC  | oDEST  | ESP header |iNAF| iDEST  | | iPAYLOAD
|    |        |        |            |    |        | |
+----+--------+--------+------------+----+--------+ +------------

The big difference between the two is that the iSRC is not protected by the encryption, but recomposed after decryption by copying oSRC -- which is not protected. This would open an attack avenue for a hacker or, heaven forbid, a NAT...

-- Christian Huitema
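Added example, not part of the original message: a small Python model of the two layouts above, showing that a receiver which recomposes iSRC from oSRC accepts a packet whose outer source was changed in transit, while the uncompressed layout still delivers the sender's iSRC. Assumptions: an HMAC tag stands in for ESP protection of the inner packet, a one-byte flag stands in for iNAF signalling compression, and the key and addresses are constructed.

```python
import hashlib
import hmac
import ipaddress

KEY = b"constructed-demo-key"  # constructed SA key, for illustration only

def addr(text):
    return ipaddress.IPv6Address(text).packed

def icv(data):
    # Stand-in for ESP protection: covers only the inner packet bytes.
    return hmac.new(KEY, data, hashlib.sha256).digest()[:16]

def send(o_src, o_dst, i_src, i_dst, payload, compress):
    # Flag byte stands in for iNAF: 1 means iSRC is omitted (equal to oSRC).
    flag = b"\x01" if compress else b"\x00"
    inner = flag + (b"" if compress else addr(i_src)) + addr(i_dst) + payload
    return addr(o_src), addr(o_dst), inner, icv(inner)

def receive(o_src, o_dst, inner, tag):
    if not hmac.compare_digest(tag, icv(inner)):
        raise ValueError("integrity check failed")
    if inner[0] == 1:
        # Recomposed by copying oSRC, which the tag never covered.
        i_src, rest = o_src, inner[1:]
    else:
        i_src, rest = inner[1:17], inner[17:]
    i_dst, payload = rest[:16], rest[16:]
    return str(ipaddress.IPv6Address(i_src)), str(ipaddress.IPv6Address(i_dst)), payload

def inner_source_after_outer_rewrite(compress):
    # Sender uses the same address as oSRC and iSRC, the case the compression targets.
    o_src, o_dst, inner, tag = send("2001:db8::1", "2001:db8::2",
                                    "2001:db8::1", "2001:db8::99",
                                    b"data", compress)
    rewritten = addr("2001:db8::bad")  # oSRC changed on the path, e.g. by a NAT
    return receive(rewritten, o_dst, inner, tag)[0]

if __name__ == "__main__":
    print("uncompressed iSRC:", inner_source_after_outer_rewrite(False))
    print("compressed iSRC:  ", inner_source_after_outer_rewrite(True))
```

In both runs the integrity check passes; only in the compressed layout does the delivered inner source follow the rewritten outer header.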
