[Cryptography] Two quick questions about IPsec AH
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Thu Jan 13 02:28:00 EST 2022
Bill Frantz <frantz at pwpconsult.com> writes:
>There are some places where secrecy may be a negative. One example is that
>anything that goes over a amateur radio link.
Another one is treaty compliance monitoring, where nation/organisation A has
monitoring gear in nations B, C, D, and E. The data needs to be integrity-
protected but can't be encrypted since B...E don't trust A.
The solution to this, in the case of IPsec, is to buy everything from the same
vendor to ensure things can talk to each other. IPsec from the same vendor is
often compatible with itself, so this strategy usually works.
Peter.
More information about the cryptography
mailing list