RIP Comms Data conundrum: is dig.sig. address or content ?
Kieran Barry
cs97ktb at brunel.ac.uk
Thu, 16 Mar 2000 00:25:34 +0000 (GMT)
On Wed, 15 Mar 2000, Caspar Bowden wrote:
> Something I've been meaning to get around to is sorting out whether a
> digital signature (on anything - IP-packet, e-commerce transaction package,
> whatever) is content (Part.I. Chapter.I) or address (Part.I Chapter.II) data
>
> If latter, then very little to stop GCHQ/ECHELON harvesting signature flows
> (in future) "in the interests of" (as opposed to safeguarding of) economic
> well-being or crime and disorder (21.2)
>
> So for computer scientists, of the various authentication protocols now
> around and about, which have the signatures on the outside ?
I think that in the IPsec suite of protocols, the authentication data is
added to the packet "on the outside". The names of the protocols involved
are:
Authentication Header (AH)
and
Encapsulation Security Payload (ESP)
I don't know about other protocols.
Regards
Kieran