
IPSec study help

  • 16-12-2010 10:38am
    #1
    Posts: 0


    I wonder if you could help me with something - I'm trying to read over IPSec notes, but my lecturer's notes are relatively hard to follow - she has a habit of explaining things in a way that makes sense to her but nobody else. I think I have a basic understanding but would like to know how accurate I am.

    IPSec is the other security protocol alongside SSL. It was created because TCP/IP does not have any security features built into it. It does this by using security associations (this part kind of confuses me, so it might be completely wrong) that are stored in SA databases/repositories on the sender and receiver. Is the SA similar to the challenge-response handshaking protocol, where the server has a database of hashed passwords?

    IPSec adds two new headers: either the authentication header or encapsulating security payload. The Authentication Header contains Next Header, which describes what the next header will be - TCP etc., the payload, which is how big the header will be, the Special Parameter Index, which points to where the SA is stored on the database and Sequence Number Field, which is the sequence number for each payload.

    ESP shares a lot of the same features as AH, only AH doesn't require encryption that ESP does have.

    Is authentication provided in AH because only the client would know the specific SA and where it will be stored on the database, with the special parameter index?

    From my understanding of AH, it is either below or above the TCP header, depending on whether it will be tunnel or transport mode, or does tunnel mode only exist in ESP?

    Like I've said, I could be entirely wrong in my statements as I'm only really just trying to understand it now.

    Thank you.
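
The AH receive path the post asks about, as an added example that is not part of the original post: a simplified Python sketch of the RFC 4302 header layout, in which the SPI only selects the SA and the keyed ICV stored after the sequence number is what authenticates the packet. The SAD contents, key and function names are constructed for illustration; the ICV here covers only the AH header and payload (real AH also covers the immutable IP header fields), and anti-replay is reduced to a strictly increasing counter instead of a sliding window.

```python
import hashlib
import hmac
import struct

ICV_LEN = 16  # HMAC-SHA-256 truncated to 128 bits (assumed algorithm for this SA)

# Constructed Security Association Database: SPI -> per-SA state.
# Both peers hold the same key for an SA; the SPI in the packet only selects it.
SAD = {0x1001: {"key": b"constructed-demo-key", "last_seq": 0}}

def _icv(key, header_zero_icv, payload):
    """Keyed integrity check value over the AH header (ICV zeroed) and payload."""
    mac = hmac.new(key, header_zero_icv + payload, hashlib.sha256)
    return mac.digest()[:ICV_LEN]

def build_ah(spi, seq, next_header, payload, key):
    """Sender side: Next Header, Payload Len, Reserved, SPI, Sequence Number, ICV."""
    payload_len = (12 + ICV_LEN) // 4 - 2  # AH length in 32-bit words, minus 2
    fixed = struct.pack("!BBHII", next_header, payload_len, 0, spi, seq)
    return fixed + _icv(key, fixed + bytes(ICV_LEN), payload) + payload

def receive_ah(packet, sad):
    """Receiver side: return (next_header, payload) or raise ValueError."""
    if len(packet) < 12:
        raise ValueError("truncated AH header")
    next_header, payload_len, _reserved, spi, seq = struct.unpack("!BBHII", packet[:12])
    ah_len = (payload_len + 2) * 4
    if ah_len != 12 + ICV_LEN or len(packet) < ah_len:
        raise ValueError("unexpected AH length")
    sa = sad.get(spi)  # the SPI is a cleartext lookup key, not a secret
    if sa is None:
        raise ValueError("no SA for SPI")
    if seq <= sa["last_seq"]:
        raise ValueError("replayed sequence number")
    icv, payload = packet[12:ah_len], packet[ah_len:]
    expected = _icv(sa["key"], packet[:12] + bytes(ICV_LEN), payload)
    if not hmac.compare_digest(icv, expected):
        raise ValueError("ICV mismatch")
    sa["last_seq"] = seq  # advance the counter only after the ICV verifies
    return next_header, payload
```

A packet carrying a valid SPI but an ICV computed with any other key fails at the `ICV mismatch` check, so knowing the SPI alone does not authenticate a sender.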

