Re: [IPsec] IV in ESP packets for AES-CBC and AES-CTR methods

To: ss murthy nittala <ssmurthy.nittala at freescale.com>, Tero Kivinen <kivinen at iki.fi>
Subject: Re: [IPsec] IV in ESP packets for AES-CBC and AES-CTR methods
From: Paul Hoffman <paul.hoffman at vpnc.org>
Date: Mon, 11 May 2009 08:13:27 -0700
Cc: ipsec at ietf.org
Delivered-to: ipsec at core3.amsl.com
In-reply-to: <200905111446.n4BEk8Xo017104 at az33smr01.freescale.net>
List-archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: Discussion of IPsec protocols <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
References: <200905111404.n4BE4Nns002222 at az33smr01.freescale.net> <18952.13961.78245.997197 at fireball.kivinen.iki.fi> <200905111446.n4BEk8Xo017104 at az33smr01.freescale.net>

At 8:22 PM +0530 5/11/09, ss murthy nittala wrote:
>The following sentence present in RFC 3602 creates some doubts whether IV in each packet is mandatory or not?
>
>"Including the IV in each datagram ensures that decryption of each
> received datagram can be performed, even when some datagrams are
> dropped, or datagrams are re-ordered in transit."

That is poor wording on the part of the RFC. It should read something like "The reason that the IV is included in each datagram is to ensure..."

--Paul Hoffman, Director
--VPN Consortium

References:
- [IPsec] IV in ESP packets for AES-CBC and AES-CTR methods
  - From: ss murthy nittala
- [IPsec] IV in ESP packets for AES-CBC and AES-CTR methods
  - From: Tero Kivinen
- Re: [IPsec] IV in ESP packets for AES-CBC and AES-CTR methods
  - From: ss murthy nittala

Prev by Date: Re: [IPsec] Issue #107
Next by Date: Re: [IPsec] Issue #107
Previous by thread: Re: [IPsec] IV in ESP packets for AES-CBC and AES-CTR methods
Next by thread: Re: [IPsec] IV in ESP packets for AES-CBC and AES-CTR methods
Index(es):
- Date
- Thread

Re: [IPsec] IV in ESP packets for AES-CBC and AES-CTR methods

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.