Thanks Tero. >> Section 8.1 of the draft describes the ESP-NULL packet format. While >> doing so, it also shows the IV as optional. Now, my question is, that >> isnt IV for NULL encryption (integrity only) always 0? > > No. In most cases the IV length is 0, but there is AUTH_AES_*_GMAC > authentication algorithms where it is 8 bytes, as explained in the > draft.
Is this the preferred (or recommended) algorithm to be used for NULL encryption now? Are there any docs that use this? Sriram > >> If thats the case then why are we showing the IV in that packet? > > Because it can be there for those ESP_NULL_AUTH_AES_GMAC algorithms > (RFC4543). > -- > kivi...@iki.fi > _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
