Re: [IPsec] I-D Action:draft-ietf-ipsecme-esp-null-heuristics-04.txt

Wed, 27 Jan 2010 16:18:16 -0800 

Hi,

Do folks have to implement this RFC since its of the INFORMATIONAL type?

If Yes, then i would like some sort of resolution to the issues raised in
http://www.ietf.org/mail-archive/web/ipsec/current/msg05471.html

As a developer i would like to understand as to how i am required to
do cache management, etc and some pointers to this effect would be
appreciated.

I also think that we need to mention that this does open up a window
for DoS attacks as explained in the above post in the Security
Considerations section.

Jack

On Wed, Jan 27, 2010 at 8:15 PM,  <internet-dra...@ietf.org> wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts 
> directories.
> This draft is a work item of the IP Security Maintenance and Extensions 
> Working Group of the IETF.
>
>
>        Title           : Heuristics for Detecting ESP-NULL packets
>        Author(s)       : T. Kivinen, D. McDonald
>        Filename        : draft-ietf-ipsecme-esp-null-heuristics-04.txt
>        Pages           : 37
>        Date            : 2010-01-27
>
> This document describes a set of heuristics for distinguishing IPsec
> ESP-NULL (Encapsulating Security Payload without encryption) packets
> from encrypted ESP packets.  These heuristics can be used on
> intermediate devices, like traffic analyzers, and deep inspection
> engines, to quickly decide whether given packet flow is interesting
> or not.  Use of these heuristics does not require any changes made on
> existing RFC4303 compliant IPsec hosts.
>
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-esp-null-heuristics-04.txt
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
> Below is the data which will enable a MIME compliant mail reader
> implementation to automatically retrieve the ASCII version of the
> Internet-Draft.
>
>
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
>
>
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec

Reply via email to