
Re: ESP/AH




On Wednesday, Dec 4, 2002, at 09:32 America/Montreal, J. Noel Chiappa wrote:
> > From: Iljitsch van Beijnum <iljitsch@muada.com>
> >
> > The problem with NAT is not that the addresses in the IP header are
> > changed.
>
> Well, that is a problem (e.g. with IPSec), but you're right, it's more of an
> engineering problem than an architectural one.

ESP/AH do that *only* because another more suitable identifier did not
exist in the Internet Architecture.  If we could add such an identifier
to the architecture, the logical thing would be to update ESP/AH to use
that identifier (instead of using addresses) in an ESP/AH Security
Association.

Ran
rja@extremenetworks.com