bemasc / risav

Github copy of draft-xu-risav

Trade-off between Transport and Tunnel Mode #48

Closed BasilGuo closed 1 year ago

BasilGuo commented 1 year ago

Sorry, THIS is not the right question. So I just refined it. The question is how we should trade off between Transport Mode and Tunnel Mode.

@bemasc Hi Ben. I need your help. Shall we remove the Transport mode and use Tunnel mode only? Or just leave it as it is?

Maybe we could replace AH with ESP-NULL in transport mode. But ESP-NULL MAY not be the proper answer and there is no reserved field to distinguish standard IPsec ESP-NULL and RISAV-ESP-NULL as RISAV-AH does.

ESP-NULL contains NULL encryption and NULL integrity, which cannot be both NULL, as defined in Sec. 5 of RFC 4303. Generally, it is NULL encryption here. Therefore the existence of ESP-NULL makes AH awkward. However, what makes AH different is the range of authentication data. AH authenticates some constant fields of the IP header which are omitted in ESP.

I think it is better to reserve it here. But it disobeys the discussion in #27. Maybe we need to adopt your third piece of advice.
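To make the difference in authentication coverage concrete, here is an added example (not code from the draft or this repository) using IPv4 transport mode, HMAC-SHA256 truncated to 128 bits as the ICV, and a constructed key and packet fields: the AH ICV (RFC 4302) is computed over the immutable IP header fields, so a rewritten source address invalidates it while a TTL decrement does not, whereas the ESP-NULL ICV (RFC 4303) covers only the ESP header, payload and trailer.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"   # constructed sample key; assumption: HMAC-SHA256-128 as the ICV algorithm

def ipv4_header(src: str, dst: str, proto: int, total_len: int, ttl: int = 64) -> bytes:
    """Minimal 20-byte IPv4 header (constructed); checksum left zero, it is mutable anyway."""
    ip = lambda a: bytes(int(x) for x in a.split("."))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, ttl, proto, 0, ip(src), ip(dst))

def icv(data: bytes) -> bytes:
    return hmac.new(KEY, data, hashlib.sha256).digest()[:16]

def ah_icv(ipv4_hdr: bytes, spi: int, seq: int, payload: bytes, next_hdr: int = 6) -> bytes:
    """Transport-mode AH ICV per RFC 4302 3.3.3.1: mutable IPv4 fields and the AH ICV field are
    zeroed; everything else in the IP header, including source/destination address, is covered."""
    h = bytearray(ipv4_hdr)
    h[1] = 0                   # DSCP/ECN
    h[6:8] = b"\x00\x00"       # flags + fragment offset
    h[8] = 0                   # TTL
    h[10:12] = b"\x00\x00"     # header checksum
    ah_len_words = (12 + 16) // 4 - 2           # AH "Payload Len": length in 32-bit words minus 2
    ah = struct.pack("!BBHII", next_hdr, ah_len_words, 0, spi, seq) + b"\x00" * 16  # ICV zeroed
    return icv(bytes(h) + ah + payload)

def esp_null_icv(spi: int, seq: int, payload: bytes, next_hdr: int = 6) -> bytes:
    """ESP-NULL ICV per RFC 4303: covers SPI, sequence number, payload and ESP trailer only."""
    pad_len = (-(len(payload) + 2)) % 4
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_hdr])
    return icv(struct.pack("!II", spi, seq) + payload + trailer)

def check_in_transit_changes() -> dict:
    """Sign one constructed packet, then verify both ICVs after two in-transit changes:
    a router decrementing TTL (legitimate) and a rewritten source address (what SAV must catch)."""
    payload = b"constructed transport segment"
    tl = 20 + 28 + len(payload)
    orig = ipv4_header("192.0.2.1", "198.51.100.7", 51, tl)
    ah, esp = ah_icv(orig, 0x100, 1, payload), esp_null_icv(0x200, 1, payload)
    ttl_dec = ipv4_header("192.0.2.1", "198.51.100.7", 51, tl, ttl=63)
    spoofed = ipv4_header("203.0.113.9", "198.51.100.7", 51, tl)
    return {
        "ah_ok_after_ttl_decrement": hmac.compare_digest(ah, ah_icv(ttl_dec, 0x100, 1, payload)),
        "ah_ok_after_src_rewrite": hmac.compare_digest(ah, ah_icv(spoofed, 0x100, 1, payload)),
        "esp_null_ok_after_src_rewrite": hmac.compare_digest(esp, esp_null_icv(0x200, 1, payload)),
    }
```

The last result is the point of the thread: with ESP-NULL in transport mode the receiver still accepts the packet after its source address was changed, so the address binding RISAV-AH gets for free has to come from somewhere else.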

bemasc commented 1 year ago

For now, I think we should keep the text on both. If we get a chance to present to the group again, we can emphasize that it is possible to remove AH if the group prefers.

My biggest concern with ESP is that it is much riskier to deploy because it can alter the traffic flow patterns. Otherwise, I generally favor ESP, in order to enable encryption.

BasilGuo commented 1 year ago

I agree with you. Thanks.