[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on draft-ietf-ipsec-new-auth-00.txt

To: Thomas Narten <narten@raleigh.ibm.com>, dpkemp@missi.ncsc.mil (David P. Kemp)
Subject: Re: Comments on draft-ietf-ipsec-new-auth-00.txt
From: Naganand Doraswamy <naganand@ftp.com>
Date: Fri, 18 Apr 1997 09:59:07 -0400
Cc: ipsec@tis.com
Sender: owner-ipsec@ex.tis.com

At 09:31 AM 4/18/97 -0300, Thomas Narten wrote:
>> Perhaps I am missing something important, but I've never understood the
>> justification for negotiating replay window sizes.
>
>I also agree, and have been disheartened by the number of times the
>above question has been asked but not answered.  Indeed, it has been
>my impression that the vast majority of IP packets are delivered in
>order (one reason why TCP's header prediction works well in
>practice). It is rare in practice to have packets arrive out of
>order. Which begs the question of whether a window is even
>needed. Does someone have data that argues otherwise?
>

This issue has been resolved. The replay window isnot negotiated any more
and it is upto the receiver to decide what size to use. The recommended size
is 32.
Naganand

Follow-Ups:

Re: Comments on draft-ietf-ipsec-new-auth-00.txt

From: Stephen Kent <kent@bbn.com>

Prev by Date: RE: CBC IV generation in ISAKMP/Oakley
Next by Date: Re: Comments on draft-ietf-ipsec-new-auth-00.txt
Prev by thread: Re: Comments on draft-ietf-ipsec-new-auth-00.txt
Next by thread: Re: Comments on draft-ietf-ipsec-new-auth-00.txt
Index(es):
- Main
- Thread