
Re: Proposed message on perfect forward security



>I do not think TCP vs TP[0-4] is a fair analysis to in-band vs
>out-band.  TCP and TPxxx are two different protocol suites, two
>different AFs to a socket, and I believe two different philosophies
>towards the functions of a transport layer protocol.  In-band is an
>option customers may want to use who do not need perfect forwarding
>security.  Everything else about the ip6_input layer is the same, all

Ah, but I think TP[0-4] *is* an excellent analogy. The reason given
for having 5 different transport protocols, all of which provided the
same interface to the user, was that the "heavier" protocol (TP4) was
not needed when the underlying network claimed to provide reliability.
As we saw, however, the benefits of having a single, universal transport
protocol providing a virtual byte stream service outweighed any
concerns about performance -- many of which became moot when clever
tricks like VJ header compression came along.

And so I believe it will be with IP security. Once it becomes popular,
people will find clever coding tricks and CPUs will get faster. But it
won't become popular if there are a half dozen non-interoperable
standards competing with each other. That says we should try to make
the most general purpose protocol we can.

Phil


