Re: IP comression - Can this be made optional?

[Henry Spencer <henry@spsystems.net>]

> When you have an SA bundle consisting of AH, ESP and 
> Compression protocols defined for a class of packets,
> I understand, the entire SA bundle is required to be 
> applied on packets in either direction.

No, an SA bundle is unidirectional, just like the SAs themselves.  In
principle, the set of SAs connecting two systems could be asymmetric. 
(And there are situations where this would be worthwhile, e.g. a highly
asymmetric communications link might want compression on only the slow
side.)  The "Security Architecture" draft says quite explicitly that
there are separate SPDs for inbound and outbound traffic.

> However, I believe, it is desirable to make application 
> of some of the components (of SA bundle) optional. For 
> example, one might not want to compress small packets 
> (say, less than 64 bytes)...

It would be better to define a compression scheme that is intelligent
about this, I would think.

> Is it reasonable to have a policy defined such that one
> or some of the SA bundle elements can be made optional?

Is there another example of where it would be useful?

                                                          Henry Spencer
                                                       henry@spsystems.net
                                                     (henry@zoo.toronto.edu)

---

Follow-Ups:

• Re: IP comression - Can this be made optional?
• From: suresh@livingston.com (Pyda Srisuresh)

References:

• IP comression - Can this be made optional?
• From: suresh@livingston.com (Pyda Srisuresh)

---

• Prev by Date: Re: IP comression - Can this be made optional?
• Next by Date: Re: IP comression - Can this be made optional?
• Prev by thread: Re: IP comression - Can this be made optional?
• Next by thread: Re: IP comression - Can this be made optional?
• Index(es):
  • Main
  • Thread