[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Status of IPSEC Key Management

To: Bill Sommerfeld <sommerfeld@apollo.hp.com>
Subject: Re: Status of IPSEC Key Management
From: "C. Harald Koch" <chk@border.com>
Date: Mon, 9 Sep 1996 18:16:35 -0400
Cc: Steven Bellovin <smb@research.att.com>, perry@piermont.com, Stephen Kent <kent@bbn.com>, ipsec@TIS.COM
In-Reply-To: sommerfeld's message of "Mon, 09 Sep 1996 17:50:58 -0400". <199609092151.RAA00478@thunk.orchard.medford.ma.us>
Organization: Secure Computing Canada Ltd.
Phone: +1 416 368 7157
References: <199609092151.RAA00478@thunk.orchard.medford.ma.us>
Sender: ipsec-approval@neptune.tis.com

In message <199609092151.RAA00478@thunk.orchard.medford.ma.us>, Bill Sommerfeld writes:
> SKIP-style in-band keying is good because it doesn't add more
> round-trips.  It's bad because it involves extra overhead on each
> packet.. SKIP's 20-28 bytes/packet (assuming 8-16 byte traffic keys)
> adds ~50% to the size of a TCP ACK. 

Are there really places in the Internet where this is still a problem? I
suppose those asymmetric bandwidth cable modems might be a problem; any
others?

-- 
Harald Koch
chk@border.com

Follow-Ups:

Re: Status of IPSEC Key Management

From: Bill Sommerfeld <sommerfeld@apollo.hp.com>

Re: Status of IPSEC Key Management

From: Phil Karn <karn@qualcomm.com>

References:

Re: Status of IPSEC Key Management

From: Bill Sommerfeld <sommerfeld@apollo.hp.com>

Prev by Date: Re: Status of IPSEC Key Management
Next by Date: Re: Status of IPSEC Key Management
Prev by thread: Re: Status of IPSEC Key Management
Next by thread: Re: Status of IPSEC Key Management
Index(es):
- Main
- Thread