[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: transport-friendly ESP
- To: "Mike O'Dell" <mo@uu.net>
- Subject: Re: transport-friendly ESP
- From: Daniel Harkins <dharkins@cisco.com>
- Date: Thu, 28 Jan 1999 08:29:20 -0800
- cc: Steve Bellovin <smb@research.att.com>, ipsec@tis.com, Steve Deering <deering@cisco.com>, end2end-interest@isi.edu, tsv@ee.lbl.gov, diff-serv@BayNetworks.COM, ecn-interest@research.att.com, red-impl@lbl.gov, jis@MIT.EDU, mleech@nortel.ca
- In-reply-to: Your message of "Thu, 28 Jan 1999 07:44:27 EST." <QQgaco27340.199901281244@neserve0.uu.net>
- Sender: owner-ipsec@ex.tis.com
Because TLS is TCP-only and there's lots of stuff that goes
on top of UDP.
VoIP is a prime reason why not to use TLS (multicast is another)
and a good reason why you'd want some sort of snooping/layer-violation.
VoIP needs a higher quality of service than most anything else and
service providers usually don't let you just set the TOS bits on
packets you inject into their network.
Dan.
On Thu, 28 Jan 1999 07:44:27 EST you wrote
>
> why isn't the answer "just use TLS"???
>
> a requirements doc which did a "compare and contrast"
> analysis would be interesting reading.
>
> <soapbox>
>
> if we had a nickel's worth of session layer in the APIs,
> this would be easy to insert even for apps which "don't
> know nothin'". moreover, a flyweight session mechanism
> would solve a bunch of other problems as well which people
> are addressing by inventing a zillion different new flat
> tires.
>
> so the recurring decision is...
>
> fix the architecture? hack yet more ugly cruft?
> fix the architecture? hack yet more ugly cruft?
> fix the architecture? hack yet more ugly cruft?
>
> to the casual observer, it sure seems like the
> second alternative has become
>
> "The DOH! of the IETF"
>
> -mo
>
> </soapbox>
>
>
References: