
Re: ESP revisions straw poll



> Regardless of the "platonic truth" of the
> question of whether encryptionless ESP is good or bad, the world will
> survive just fine without it, 

It's not a platonic argument, it's a practical one about high-speed
nets, perceived utility of AH, and expected market directions.

Platonic would be, "And do you not already have an algorithm that
hashes contiguous blocks of data?  And do you have a framework for
handling an extensible set of block-oriented algorithms?  And you
often process packets without care for the header value, other than
destination address?  Then, have you not already implemented the
spirit of auth-only ESP, and is it not implied by the code base you built,
although you thought you were coding to a different spec altogether?
Then is not auth-only ESP a done deal, roughly implemented in running
code, not merely a shadow thrown on the wall by yahoos in the internet
ether?"

Hilarie




