Robert Moskowitz wrote:
> I have an interesting use case for a new IPv6 header that MAY be secure
> within the ESP payload, or MAY be exposed for inroute processing, but
MUST be
> protected (authenticated data).
That's not the ESP model.
ESP only protects something inside/after it.
AH did what you wanted. Sorta.
I suggest you put two copies of the header, or you make one copy an implicit
property of the SA (a la BEET mode) if need the packets to "emerge" with that
header and you don't want to spend bytes. It's obviously mutable in-transit.
I don't think it matters what cipher you use, although I can imagine trying
to bork this issue via some super-specific custom thing.
> My cursory review is not showing this is currently supported.
> Is it, our would I need to define a variant of the AES-GCM mode?
--
Michael Richardson , Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
___
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
