[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Comments on latest IPSP drafts
At 03:36 PM 4/9/95 -0400, Donald E. Eastlake 3rd wrote:
>
>I haven't been commenting hardly at all so I won't be suprised if my
>comments at this late date don't have much effect. Still, I thought
>I'd toss them in. (Mark: hope you don't mind if I use parts of your
>message as a framework)
>
>From: Mark H Linehan/Watson/IBM Research
> <linehan@watson.ibm.com>
>To: ipsec <ipsec@ans.net>
>
>}...
>}
>}- I suggest that there should be a discussion of the impact of IP
>}fragmentation. In particular: (a) performance is affected since IP packets
>}that already equal the MTU size will overflow with the addition of the AH or
>}ESP data; (b) I think there should be an implementation note that the
sender of
>}an IPSP packet should make sure to put it through the fragmentation process,
>}and the destination of an IPSP packet must reassemble it before processing the
>}AH header or ESP payload.
>
>I actually think that any mature encryption standard has to include
>compression. It's one of the clear superiorities of PGP over PEM. But
>I recognize that most people consider it some sort of patent quirmire.
>Still, I hope the next generation of transformations include compression.
I think that minimally some reference to this is needed in the ESP
documents. Even the AH can cause problems with fragmentation, but my real
concern is ESP.
Afterall, once encrypted == not compressable, right?
So some reference is needed to this and perhaps a way to negotiate a
compression scheme is needed in Photuris I(another parameter?). Also as a
minimum, wasn't there some work done in the PPPwg for compression of PPP
packers? Cannot that be lifted bodily into ESP?
Robert Moskowitz
Chrysler Corporation
(810) 758-8212