Re: Comments on latest IPSP drafts

[rgm3@is.chrysler.com (Robert Moskowitz)]

At 03:36 PM 4/9/95 -0400, Donald E. Eastlake 3rd wrote:
>
>I haven't been commenting hardly at all so I won't be suprised if my
>comments at this late date don't have much effect.  Still, I thought
>I'd toss them in.  (Mark: hope you don't mind if I use parts of your
>message as a framework)
>
>From:  Mark H Linehan/Watson/IBM Research
>        <linehan@watson.ibm.com>
>To:  ipsec <ipsec@ans.net>
>
>}...
>}
>}- I suggest that there should be a discussion of the impact of IP
>}fragmentation.  In particular: (a) performance is affected since IP packets
>}that already equal the MTU size will overflow with the addition of the AH or
>}ESP data; (b) I think there should be an implementation note that the
sender of
>}an IPSP packet should make sure to put it through the fragmentation process,
>}and the destination of an IPSP packet must reassemble it before processing the
>}AH header or ESP payload.
>
>I actually think that any mature encryption standard has to include
>compression.  It's one of the clear superiorities of PGP over PEM.  But
>I recognize that most people consider it some sort of patent quirmire.
>Still, I hope the next generation of transformations include compression.

I think that minimally some reference to this is needed in the ESP
documents. Even the AH can cause problems with fragmentation, but my real
concern is ESP.

Afterall, once encrypted == not compressable, right?

So some reference is needed to this and perhaps a way to negotiate a
compression scheme is needed in Photuris I(another parameter?).  Also as a
minimum, wasn't there some work done in the PPPwg for compression of PPP
packers?  Cannot that be lifted bodily into ESP?

Robert Moskowitz
Chrysler Corporation
(810) 758-8212

---

• Prev by Date: Re: Comments on latest IPSP drafts
• Next by Date: Re: Comments on latest IPSP drafts
• Next by thread: Re: IPv6 Security Last Call Initial Questions
• Index(es):
  • Main
  • Thread