Are there any reasons to place the "Next Header" field in ESP trailer instead of ESP header?
Asked
Active
Viewed 2,038 times
1 Answers
6
Well, in IPsec transport mode, the 'Next Header' gives the protocol type of the encrypted packet (e.g. TCP, UDP, etc), and hence is considered confidential, as we don't want the adversary to know the type of traffic. The ESP Header is not encrypted, and hence we cannot put the 'Next Header' field there.
In AH, privacy is not a concern (everything is visible), and hence they do put the 'Next Header' field in the AH header.
poncho
- 154,064
- 12
- 239
- 382