Evaluation: draft-ietf-ipsec-esp-v3-06.txt
Ted Hardie [ ] [ x] [ ] [ ]
Comment:
Section 3.2.1 mentions FIPS 140-2, but it is not included in
the informative references.

The logic in A.3 for the unlikeliness of the loss of 2^32
consecutive packets over a single SA seems compelling,
but in reading it I was struck that it seems to assume that
at least one of the two sides is a host. In an association
between two security gateways, are there conditions
in which the same assumptions might not hold? If so,
would it be valuable to mention those conditions? I note
that the document provides a mechanism for handling
the loss when it does occur, so going into the different
conditions may not be worth the extra effort.