[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on draft-ietf-ipsec-new-auth-00.txt

To: perry@piermont.com
Subject: Re: Comments on draft-ietf-ipsec-new-auth-00.txt
From: Stephen Kent <kent@bbn.com>
Date: Thu, 15 May 1997 15:21:55 -0400
Cc: ipsec@tis.com
In-Reply-To: <199705142034.QAA06294@jekyll.piermont.com>
References: Your message of "Wed, 14 May 1997 16:00:59 EDT." <v03007807af9f9141a520@[128.89.30.23]>
Sender: owner-ipsec@ex.tis.com

Perry,

	A good question, but one that requires translating from TCP window
measurements (in bytes) to IPSEC units (packets), as Steve Bellovin pointed
out.  I don't know who has the data to make this translation.  However, we
have seen smoe statistics cited that note modest numbers of packets
arriving out of order in some circumstances, and that prompted us to
abandon the window size of 1 that had been in a previous draft of AH.  It
is the lack of good data in this area, plus the move to bigger, faster
pipes, that makes it hard to figure out if 32 or 64 is big enough, although
such numbers seem reasonable for today's Internet.

Steve

References:

Re: Comments on draft-ietf-ipsec-new-auth-00.txt

From: Stephen Kent <kent@bbn.com>

Re: Comments on draft-ietf-ipsec-new-auth-00.txt

From: "Perry E. Metzger" <perry@piermont.com>

Prev by Date: Re: Re[2]: ISAKMP commit and notify usage
Next by Date: Re: ESP revisions straw poll
Prev by thread: Re: Comments on draft-ietf-ipsec-new-auth-00.txt
Next by thread: Re: Comments on draft-ietf-ipsec-new-auth-00.txt
Index(es):
- Main
- Thread