Earlier, Michael Richardson wrote: > Ran, as you've been rather inactive in IPsec,
Fair point. I mostly watch without writing notes. IPsec hasn't been paid work for me since 1995, (and isn't paid work now -- just community service). > I suspect that some people might not know what > pieces of code and specification you wrote, > and who paid you to write those pieces of code. People I worked with wrote most of the IPsec code, for example two other folks were responsible for inventing and implementing PF_KEY, but the original specification work was mine -- and was very directly derived from NIST publications describing earlier work done by the SDNS Project to develop the SP3D protocol. If one looks at the original I-D for what became ESP, the packet format there is identical to SP3D. Our funding came from ARPA/CSTO, who were funding rather a lot of Internet R&D at that time, and from the Space & Naval Warfare Systems Command. Since this caused me to look back, I'll also note that the use of AH to authenticate IP options and prevent certain attacks is clearly documented by the 2nd paragraph on Page 10 of RFC-1826. Some other limitations inherent with tunnels are noted in the 3rd paragraph on the same page. Cheers, Ran _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
