[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: some issues about IPSec
> > > I guess I don't see why we should restrict the functionality of an
> > > implementation based on the implementation method at all. If the
> > > packets emerging from the _box_ don't give any indication of what method
> > > was used to encapsulate them, why should we even care?
> > >
> >
> > The questions here are what are the beneifits of transport mode that are
> > not provided in tunnel mode ?
>
> No. The question is more along the lines of the following. Supposing
> my box produces packets correctly in _some_ mode (either tunnel or
> transport) and puts them out on the line in a manner indistinguishable
> from your box. Do we care that my implementation lies in the core IP
> code while yours is a BITS? Should yours be subjected to different
> criteria than mine, simply because we chose different implementation
> methods? Why can't we describe the protocol as being generated by a
> black box, and leave the implementation details to the various
> implementors?
>
First of all I understand your viewpoint, and if it makes sense for
embedded solutions, o.k.
But benefits and drawbacks are *always* an important consideration. What
I'm really looking for here is an answer regarding exactly what the
benefit of transport mode is ? Perhaps a user of the transport mode could
comment on this for clarfication.
Thanks,
Jeffrey Goodwin
** Ashley Laurent,Inc. ** Software Development ** Consulting **
* * *
* 707 West Avenue, Suite 201 * voice: 512-322-0676 *
* Austin, Texas 78701 * fax : 512-322-0680 *
* web: http://www.osgroup.com *
* Microsoft Solution Provider * Complete Systems Design/Development *
* Novell Professional Developer * Systems Software/Device Drivers *
Follow-Ups:
References: