Hi, I was going through the draft and i have a doubt.
Section 8.1 of the draft describes the ESP-NULL packet format. While doing so, it also shows the IV as optional. Now, my question is, that isnt IV for NULL encryption (integrity only) always 0? If thats the case then why are we showing the IV in that packet? Sriram On Mon, Nov 30, 2009 at 8:45 PM, <internet-dra...@ietf.org> wrote: > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the IP Security Maintenance and Extensions > Working Group of the IETF. > > > Title : Heuristics for Detecting ESP-NULL packets > Author(s) : T. Kivinen, D. McDonald > Filename : draft-ietf-ipsecme-esp-null-heuristics-03.txt > Pages : 36 > Date : 2009-11-30 > > This document describes a set of heuristics for distinguishing IPsec > ESP-NULL (Encapsulating Security Payload without encryption) packets > from encrypted ESP packets. These heuristics can be used on > intermediate devices, like traffic analyzers, and deep inspection > engines, to quickly decide whether given packet flow is interesting > or not. Use of these heuristics does not require any changes made on > existing RFC4303 compliant IPsec hosts. > > A URL for this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-esp-null-heuristics-03.txt > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > Below is the data which will enable a MIME compliant mail reader > implementation to automatically retrieve the ASCII version of the > Internet-Draft. > > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec > > _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
