[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC 2401 section 5.2.1

To: Henry Spencer <henry@spsystems.net>
Subject: Re: RFC 2401 section 5.2.1
From: Michael Thomas <mat@cisco.com>
Date: Tue, 21 Nov 2000 10:21:07 -0800 (PST)
Cc: itojun@iijlab.net, ipsec@lists.tislabs.com
In-Reply-To: <Pine.BSI.3.91.1001121110751.181J-100000@spsystems.net>
References: <3984.974769943@coconut.itojun.org><Pine.BSI.3.91.1001121110751.181J-100000@spsystems.net>
Sender: owner-ipsec@lists.tislabs.com

Henry Spencer writes:
 > On Tue, 21 Nov 2000 itojun@iijlab.net wrote:
 > > >Strongly agree.  We'd like to see AH die entirely...
 > > 
 > > 	(again this holy war on AH)
 > > 	I don't.  if you use transport mode IPsec heavily (unlike today's
 > > 	VPN-only situation) how can you protect your header portion?
 > 
 > Why would you have to use transport mode IPsec heavily?  What problem does
 > it solve that tunnel mode doesn't? 

   Unless you're talking about Schneier's
   transport-is-really-tunnel-with-header-compression
   contention, there's an obvious benefit of bytes on
   the wire.

	Mike

References:

Re: RFC 2401 section 5.2.1

From: itojun@iijlab.net

Re: RFC 2401 section 5.2.1

From: Henry Spencer <henry@spsystems.net>

Prev by Date: Re: RFC 2401 section 5.2.1
Next by Date: Re: RFC 2401 section 5.2.1
Prev by thread: Re: RFC 2401 section 5.2.1
Next by thread: Re: RFC 2401 section 5.2.1
Index(es):
- Main
- Thread