[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RFC 2401 section 5.2.1



 In your previous mail you wrote:

   On Tue, 21 Nov 2000 itojun@iijlab.net wrote:
   > >Strongly agree.  We'd like to see AH die entirely...
   > 
   > 	(again this holy war on AH)
   > 	I don't.  if you use transport mode IPsec heavily (unlike today's
   > 	VPN-only situation) how can you protect your header portion?
   
   Why would you have to use transport mode IPsec heavily?  What problem does
   it solve that tunnel mode doesn't? 
   
=> an example: secure VoIP on an air link: tunnel mode add 20 or 40
uncompressible bytes per packet. Look at ROHC WG for the price of
one single bit in this context.

Francis.Dupont@enst-bretagne.fr


Follow-Ups: References: