Received: by 2002:a25:683:0:0:0:0:0 with SMTP id 125csp662529ybg;
        Wed, 10 Jun 2020 10:17:46 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJyEvEX6+r24d2BKKpPfQIcE5cTTWPe4XpEucs4/wiRdW0m7qOPnOYlDKIcjS80qOkzwLfce
X-Received: by 2002:a17:906:cd05:: with SMTP id oz5mr4695958ejb.335.1591809466360;
        Wed, 10 Jun 2020 10:17:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1591809466; cv=none;
        d=google.com; s=arc-20160816;
        b=o9nnJG28bV8w5Cf7fFVR1zuZlwn9ja23mZOe7iZnYbZJV0029f4Wn6NWyGVpDGFRlX
         EAP6zEZq6n2Hh52N92rMfn0+HOiTOQmG5ZHogH/X2XJcrJnFom5ksLhgmikY+26Sng9F
         r4aAntilhLhXZ+y0JVYQ5z7Xg9o1njq0cVdOA3n40i+aLYgNpcDnjedxiqRUlNXKVAd8
         rwr3Amcs/hretHy16ra+fu3k8thQ51RcrLemNJBW2ORtFWtHonlzknl8p8gECDB9hXvp
         FGi+uEm/jvNDLWhy07WXM83qg1Eyzo/MPLqkz9gWgZQbf4CA18fJ/2vcPziXWcx/0P6+
         GVuw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date
         :dkim-signature;
        bh=af3ULBToJEyBq9oBroddcQX/ca0UhqQ0Dsej36ik1OI=;
        b=eJp9dgahmwvya12DUreNLT6hE3sjeQCLkoRvxCsfHO5zXWu9RVMMItfJzSHEaNXh4u
         hs43Hlo1MeiWGJJxb6tzlJ6aAptMCpLy/4oeFh7SuGzcHyA/b/bM6hNUw0Y3RU2djsMC
         6/vouZJFWnhp2NvKn/chZ6ohsRF5tiZ2tLEhlWz9hZGh1tKcV60a0dcHIepF5cro+nIq
         5sGZRZe2t1LyFXQgljgmNhrEPAd9zxc1Rq68aEdjVKdyGhsGKMEWsZ0TleQ9UFGdy5Za
         //HidUrfE1rzp0Su1+j2Cu9zp8mABKFqpXUXb0wVak02lPCG52IP7uWisU2ghh87o4+p
         73/w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=bdosIPAF;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id e23si369347ejb.425.2020.06.10.10.17.13;
        Wed, 10 Jun 2020 10:17:46 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=bdosIPAF;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728439AbgFJPxO (ORCPT <rfc822;cognideck@gmail.com> + 99 others);
        Wed, 10 Jun 2020 11:53:14 -0400
Received: from mail.kernel.org ([198.145.29.99]:49340 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1728217AbgFJPxN (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
        Wed, 10 Jun 2020 11:53:13 -0400
Received: from sol.localdomain (c-107-3-166-239.hsd1.ca.comcast.net [107.3.166.239])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 57E37206F4;
        Wed, 10 Jun 2020 15:53:13 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1591804393;
        bh=jKyRFc09U4pc6AUdaO2U2v1JesKj0Dr9snvP7EDAh0A=;
        h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
        b=bdosIPAFrSzRJCwMhu1K7aaFtBFNSCDNT2zu6Kz4grWB28dgdF39lQvrWPn5dOyYb
         m6JzWoWKQorB50vbPDqgyPq31E0GWkANLhQMbvP9iNKijJA8jhYrG0GFIsVIXAdPwa
         87SarRnsucOIgiYJfTOZPuuXq8HdOJM2kkyuYFMk=
Date:   Wed, 10 Jun 2020 08:53:12 -0700
From:   Eric Biggers <ebiggers@kernel.org>
To:     Tobias Brunner <tobias@strongswan.org>
Cc:     netdev@vger.kernel.org, linux-crypto@vger.kernel.org,
        Corentin Labbe <clabbe@baylibre.com>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        Steffen Klassert <steffen.klassert@secunet.com>
Subject: Re: [PATCH net v3 3/3] esp, ah: modernize the crypto algorithm
 selections
Message-ID: <20200610155312.GB1339@sol.localdomain>
References: <20200610005402.152495-1-ebiggers@kernel.org>
 <20200610005402.152495-4-ebiggers@kernel.org>
 <c87f1edb-4130-a4a9-2915-ae5d55302f0a@strongswan.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <c87f1edb-4130-a4a9-2915-ae5d55302f0a@strongswan.org>
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Wed, Jun 10, 2020 at 11:03:55AM +0200, Tobias Brunner wrote:
> Hi Eric,
> 
> > +	  Note that RFC 8221 considers AH itself to be "NOT RECOMMENDED".  It is
> > +	  better to use ESP only, using an AEAD cipher such as AES-GCM.
> 
> What's NOT RECOMMENDED according to the RFC is the combination of ESP+AH
> (i.e. use ESP only for confidentiality and AH for authentication), not
> AH by itself (although the RFC keeps ENCR_NULL as a MUST because ESP
> with NULL encryption is generally preferred over AH due to NATs).
> 
> Regards,
> Tobias

Okay, I'll drop this paragraph.  I'm surprised that authentication-only is still
considered a valid use case though.

- Eric