John S. Denker wrote:
On 06/19/2003 01:49 PM, martin f krafft wrote:
> As far as I can tell, IPsec's ESP has the functionality of
> authentication and integrity built in:
It depends on what you mean by "built in".
1) The RFC provides for ESP+authentication but
does not require ESP to use authent
"John S. Denker" <[EMAIL PROTECTED]> writes:
> On 06/19/2003 01:49 PM, martin f krafft wrote:
> > As far as I can tell, IPsec's ESP has the functionality of
> > authentication and integrity built in:
>
> It depends on what you mean by "built in".
> 1) The RFC provides for ESP+authentication b
On 06/19/2003 01:49 PM, martin f krafft wrote:
> As far as I can tell, IPsec's ESP has the functionality of
> authentication and integrity built in:
It depends on what you mean by "built in".
1) The RFC provides for ESP+authentication but
does not require ESP to use authentication.
2) Although th
you really don't want to open this can of worms I suggest you
go read the archives of the IPsec mailing list over the last 9
years. That should give you some clue into the depth of the
can you plan to open...
-derek
martin f krafft <[EMAIL PROTECTED]> writes:
> As far as I can tell, IPsec'
In message <[EMAIL PROTECTED]>, martin f krafft writes
:
>As far as I can tell, IPsec's ESP has the functionality of
>authentication and integrity built in:
>
>RFC 2406:
>
> 2.7 Authentication Data
>
> The Authentication Data is a variable-length field containing an
> Integrity Check Value (
As far as I can tell, IPsec's ESP has the functionality of
authentication and integrity built in:
RFC 2406:
2.7 Authentication Data
The Authentication Data is a variable-length field containing an
Integrity Check Value (ICV) computed over the ESP packet minus
the Authentication Data.