On Nov 14, 2009, at 9:58 PM, Steven Bellovin wrote:
On Nov 14, 2009, at 8:28 PM, David Barak wrote:
I've seen AH used as a "prove that this hasn't been through a NAT" mechanism. In this context, it's pretty much perfect.
However, what I don't understand is where the dislike for it originates: if you don't like it, don't run it. It is useful in certain cases, and it's already in all of the production IPSec implementations. Why the hate?
There are two reasons. First, it's difficult to implement cleanly, since it violates layering: you have to know the contents of the surrounding IP header to calculate the AH field. Back when I was security AD, I had implementors, especially implementors of on-NIC IPsec, beg me to get rid of it. Second, it's redundant; if (as I believe), ESP with NULL encryption does everything useful that AH does, why have two mechanisms?
Maybe someone should push through an "IPSEC-lite" in the same way we are pushing through IGMPv3-lite.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
Regards, Marshall
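The two points in the exchange above, AH as a "has not been through a NAT" proof and the layering complaint that the AH integrity check needs the surrounding IP header, can both be shown in a few lines. The following is an added illustration, not code from the thread or from any IPsec implementation: it builds minimal IPv4+AH and IPv4+ESP(NULL) packets, computes the integrity check value the way RFC 4302 and RFC 4303 describe it (AH hashes the IP header with the mutable fields zeroed; ESP hashes only from the SPI to the trailer), and then simulates a plain router hop and a NAT source-address rewrite. The key, addresses, SPIs and payload are constructed sample values; the ICV is HMAC-SHA-256 truncated to 128 bits as in RFC 4868, and IPv4 options and IPv6 are left out for brevity.

```python
import hmac
import hashlib
import struct

KEY = b"constructed-demo-key-not-for-real-use"  # constructed sample key
ICV_LEN = 16          # HMAC-SHA-256-128: tag truncated to 128 bits (RFC 4868)
PROTO_ESP, PROTO_AH = 50, 51
PROTO_INNER = 17      # next-header value; payload stands in for a UDP datagram


def _ip(s: str) -> bytes:
    return bytes(int(x) for x in s.split("."))


def _set_checksum(hdr: bytes) -> bytes:
    """Recompute the IPv4 header checksum (done by every router and NAT)."""
    h = bytearray(hdr)
    h[10:12] = b"\x00\x00"
    s = sum(struct.unpack("!10H", bytes(h)))
    s = (s & 0xFFFF) + (s >> 16)
    s = (s & 0xFFFF) + (s >> 16)
    h[10:12] = struct.pack("!H", (~s) & 0xFFFF)
    return bytes(h)


def ipv4_header(src: str, dst: str, proto: int, total_len: int, ttl: int = 64) -> bytes:
    """Minimal 20-byte IPv4 header without options."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000,
                      ttl, proto, 0, _ip(src), _ip(dst))
    return _set_checksum(hdr)


def ah_immutable_view(ip_hdr: bytes) -> bytes:
    """AH zeroes the mutable IPv4 fields before hashing (RFC 4302 3.3.3.1):
    ToS/DSCP/ECN, flags+fragment offset, TTL and header checksum.
    Source and destination addresses stay in the hash, which is exactly
    why a NAT rewrite breaks AH and a normal router hop does not."""
    h = bytearray(ip_hdr)
    h[1] = 0
    h[6:8] = b"\x00\x00"
    h[8] = 0
    h[10:12] = b"\x00\x00"
    return bytes(h)


def ah_icv(ip_hdr: bytes, ah_fixed: bytes, payload: bytes) -> bytes:
    # The layering violation: the AH ICV cannot be computed without the
    # outer IP header, so the AH code must reach "up" into the IP layer.
    data = ah_immutable_view(ip_hdr) + ah_fixed + bytes(ICV_LEN) + payload
    return hmac.new(KEY, data, hashlib.sha256).digest()[:ICV_LEN]


def build_ah_packet(src: str, dst: str, payload: bytes, spi: int = 0x1000, seq: int = 1) -> bytes:
    # AH fixed part: next header, payload len (32-bit words minus 2), reserved, SPI, seq
    ah_fixed = struct.pack("!BBHII", PROTO_INNER, (12 + ICV_LEN) // 4 - 2, 0, spi, seq)
    ip_hdr = ipv4_header(src, dst, PROTO_AH, 20 + 12 + ICV_LEN + len(payload))
    return ip_hdr + ah_fixed + ah_icv(ip_hdr, ah_fixed, payload) + payload


def verify_ah(packet: bytes) -> bool:
    ip_hdr, rest = packet[:20], packet[20:]
    ah_fixed, icv, payload = rest[:12], rest[12:12 + ICV_LEN], rest[12 + ICV_LEN:]
    return hmac.compare_digest(icv, ah_icv(ip_hdr, ah_fixed, payload))


def build_esp_null_packet(src: str, dst: str, payload: bytes, spi: int = 0x2000, seq: int = 1) -> bytes:
    """ESP with NULL encryption: the ICV covers SPI..next-header only; the
    outer IP header is not part of the integrity check."""
    pad_len = (-(len(payload) + 2)) % 4               # trailer ends on a 4-byte boundary
    body = (struct.pack("!II", spi, seq) + payload
            + bytes(range(1, pad_len + 1)) + bytes([pad_len, PROTO_INNER]))
    icv = hmac.new(KEY, body, hashlib.sha256).digest()[:ICV_LEN]
    return ipv4_header(src, dst, PROTO_ESP, 20 + len(body) + ICV_LEN) + body + icv


def verify_esp_null(packet: bytes) -> bool:
    body, icv = packet[20:-ICV_LEN], packet[-ICV_LEN:]
    return hmac.compare_digest(icv, hmac.new(KEY, body, hashlib.sha256).digest()[:ICV_LEN])


def router_hop(packet: bytes) -> bytes:
    """A forwarding router: decrement TTL, fix the checksum, touch nothing else."""
    h = bytearray(packet[:20])
    h[8] -= 1
    return _set_checksum(bytes(h)) + packet[20:]


def nat_rewrite_source(packet: bytes, new_src: str) -> bytes:
    """A source NAT: rewrite the source address in addition to the router work."""
    h = bytearray(router_hop(packet)[:20])
    h[12:16] = _ip(new_src)
    return _set_checksum(bytes(h)) + packet[20:]


def demo() -> dict:
    payload = b"constructed inner datagram"
    ah = build_ah_packet("10.0.0.2", "192.0.2.10", payload)
    esp = build_esp_null_packet("10.0.0.2", "192.0.2.10", payload)
    return {
        "ah_direct": verify_ah(ah),
        "ah_after_router_hop": verify_ah(router_hop(ah)),
        "ah_after_nat": verify_ah(nat_rewrite_source(ah, "203.0.113.5")),
        "esp_null_direct": verify_esp_null(esp),
        "esp_null_after_nat": verify_esp_null(nat_rewrite_source(esp, "203.0.113.5")),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:22s} {'verifies' if ok else 'FAILS'}")
```

Running it shows AH surviving the router hop (TTL and checksum are masked out) but failing after the NAT (addresses are hashed), while ESP-NULL verifies in both cases because its ICV never covers the outer header. That is the whole of the "NAT detector" property, and `ah_icv` taking the IP header as an argument is the layering dependency the reply complains about; real NAT traversal for ESP additionally needs UDP encapsulation (RFC 3948), which is not modelled here.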