[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RFC 2401 section 5.2.1
Henry Spencer writes:
> On Tue, 21 Nov 2000 itojun@iijlab.net wrote:
> > >Strongly agree. We'd like to see AH die entirely...
> >
> > (again this holy war on AH)
> > I don't. if you use transport mode IPsec heavily (unlike today's
> > VPN-only situation) how can you protect your header portion?
>
> Why would you have to use transport mode IPsec heavily? What problem does
> it solve that tunnel mode doesn't?
Unless you're talking about Schneier's
transport-is-really-tunnel-with-header-compression
contention, there's an obvious benefit of bytes on
the wire.
Mike
References: