[Cryptography] Two quick questions about IPsec AH
Phillip Hallam-Baker
phill at hallambaker.com
Thu Jan 6 11:42:05 EST 2022
+1 to the rest of the discussion, but I want to go back to the original
question:
On Tue, Jan 4, 2022 at 1:33 AM R Perlman <radiajpc at gmail.com> wrote:
> 1) Is anyone using it, or are they just using ESP?
>
I am not sure whether AH is being used, but I rather suspect that it is not
because of some other design decisions in IPSEC.
IPSEC as specified in the RFCs was simply unusable because it didn't work
through NAT. The IPSEC authentication included the source address and that
caused connections to fail through NAT boxes.
I remember sitting in an IPSEC meeting at the Dallas IETF and hearing the
AD call this 'a feature'. The notion at the time being that NAT was evil
and it was a good thing if IPSEC didn't work with NAT. That was the first
time I had heard of NAT (I connected through dialup at home). I went out
and bought a NAT box the next week so we could share a single telephone
line and save $30 a month.
Like what part of 'I am not spending my money to enable your
bizarre ideological fetish' did the NAT haters not get? Of course people
were going to stick it to their ISP and share lines. The first broadband
connection I got, the provider wanted $15 extra for every device I
connected, NAT was verboten. Five years later, the terms of service were
unchanged but my cable modem had a NAT function built in.
Looking back on the situation and knowing a lot more about what the NSA was
up to back then (some very senior ex-NSA people have apologized to me
personally not least because of the 2016 debacle), I am pretty sure that
this peculiar ideological fixation was actually being promoted by a small
clique as a way to make sure IPSEC was as useless as possible. A single
person pouring poison into the ears of other people can be surprisingly
effective.
Windows-NT had IPSEC built into the IP stack from very early on. But you
couldn't use the platform implementation for remote access because it
didn't work through NAT. So you had to install a third party client from
your IPSEC firewall vendor with their own particular kludge to work around
the IPSEC anti-NAT inanity. And many of those kludges were patented and...
So I rather doubt EH is used because I doubt any of the kludges were
implemented for anything besides ESP. And besides which, there is a null
cipher for testing and for environments where you want authentication but
DO NOT want encryption (this is very common in SCADA deployments and for
excellent reasons)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20220106/b7f9f664/attachment.htm>
More information about the cryptography
mailing list