Re: notes from developer's portion of IETF meeting

[ho@earth.hpc.org (Hilarie Orman)]

Yes, I think my note is consistent with yours, where I listed the
conditions where I thought that ESP w/o integrity was OK, but then I
expressed doubt as to the wisdom of leaving this judgment up to the
individual user or system administrator, given that it is less than
straightforward to analyze the safety of such a decision and that,
with the exception of very low speed lines, the performance is not
greatly impacted by requiring integrity.  I could see having it be a
property of the transform --- a transform designer can specify the
null integrity algorithm if he knows that the encryption algorithm has
built-in integrity --- but I don't find the DAP example compelling.

Hilarie

---

References:

• Re: notes from developer's portion of IETF meeting
• From: Stephen Kent <kent@bbn.com>

---

• Prev by Date: Re: Test...
• Next by Date: I-D ACTION:draft-ietf-ipsec-esp-rc5-cbc-00.txt
• Prev by thread: Re: notes from developer's portion of IETF meeting
• Next by thread: Re: notes from developer's portion of IETF meeting
• Index(es):
  • Main
  • Thread