> -----Original Message-----
> From: Dunn, Jeffrey H. [mailto:[EMAIL PROTECTED]
>
> I believe that the real issue is the following:
>
> 1. Simply authenticating the message contents, as in the case of
> ESP-NULL, does not authenticate the sender.
> 2. Since ESP-NULL does not provide confidentiality, anyone can view the
> message contents.
> 3. As a result, anyone can retransmit the message with a different
> source IPv6 address; anyone can masquerade as the original router.

I don't pretend to understand all the reasons for which AH was downgraded to a MAY, so I'm taking that as a given.

When I saw that AH had been downgraded, even when called upon to protect just the routing protocols, I thought that the protection available with ESP-NULL was still adequate. Legitimate routers which cannot decrypt the OSPFv3 message contents must assume that the source was not legit, whether or not the IPv6 headers are authenticated. And by the way, it seems to me that some form of L2 encryption, or some other non-IPsec technique, should be equally up to this task. Why isn't this adequate protection?

That aside, I agree that NULL-AH would in principle be all that's required to protect a routing protocol, in general (there might be some exceptions).

Bert
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
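The integrity-coverage difference behind items 1 and 3 of the quoted message, as an added illustration that is not part of the thread and not an IPsec implementation: ESP (with NULL encryption included) computes its integrity check value over the ESP payload, so the outer IPv6 header sits outside the check, while AH also covers the immutable IPv6 header fields, the source address among them. The model below keeps only that property; the key, addresses and payload are constructed, and real ESP/AH wire formats, SPIs, sequence numbers and anti-replay windows are deliberately left out.

```python
"""Toy model of what an IPsec integrity check value (ICV) covers.

Added example, not code from the IETF thread or from any IPsec stack.
Only the coverage of the ICV is modelled: payload-only (ESP-NULL style)
versus immutable header fields plus payload (AH style).
"""
import hashlib
import hmac
from dataclasses import dataclass, replace

# Constructed shared key for a hypothetical security association.
SA_KEY = b"constructed-demo-key-not-for-real-use"


@dataclass(frozen=True)
class Packet:
    src: str          # IPv6 source address (header field)
    dst: str          # IPv6 destination address (header field)
    next_header: int  # 89 = OSPF for IPv6 (immutable header field)
    payload: bytes    # OSPFv3 message, treated as opaque bytes here


def _mac(data: bytes) -> bytes:
    return hmac.new(SA_KEY, data, hashlib.sha256).digest()


def esp_null_icv(pkt: Packet) -> bytes:
    """ESP-NULL style: the ICV covers the (unencrypted) payload only."""
    return _mac(pkt.payload)


def ah_icv(pkt: Packet) -> bytes:
    """AH style: the ICV covers immutable IPv6 header fields and the payload."""
    covered = b"|".join([pkt.src.encode(), pkt.dst.encode(),
                         bytes([pkt.next_header]), pkt.payload])
    return _mac(covered)


def verify(icv_fn, pkt: Packet, icv: bytes) -> bool:
    """Receiver-side check: recompute the ICV and compare in constant time."""
    return hmac.compare_digest(icv_fn(pkt), icv)


def _original() -> Packet:
    # Constructed OSPFv3 Hello to the AllSPFRouters multicast group.
    return Packet(src="2001:db8::1", dst="ff02::5", next_header=89,
                  payload=b"constructed OSPFv3 Hello")


def legitimate_passes(icv_fn) -> bool:
    """The unmodified packet is accepted under either scheme."""
    pkt = _original()
    return verify(icv_fn, pkt, icv_fn(pkt))


def spoofed_source_passes(icv_fn) -> bool:
    """Same payload and ICV re-sent with a different source address.

    Returns True when the receiver's check still accepts the packet, i.e.
    when the source address is outside what the ICV protects.
    """
    pkt = _original()
    icv = icv_fn(pkt)                                # computed by the real router
    altered = replace(pkt, src="2001:db8::bad")      # header changed, payload untouched
    return verify(icv_fn, altered, icv)


if __name__ == "__main__":
    print("ESP-NULL accepts altered source:", spoofed_source_passes(esp_null_icv))  # True
    print("AH accepts altered source:      ", spoofed_source_passes(ah_icv))        # False
```

The ESP-NULL check passes because nothing in the IPv6 header contributes to the ICV; the AH check fails because the source address does. This is the whole of the distinction the quoted items rest on, independent of whether the payload is also encrypted.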
