[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ipsec] Layer 2 processing inside IPsec
On Wed, 30 Jun 2004, Bill Sommerfeld wrote:
> one additional point: the header compression schemes i'm familiar with
> all involve inter-packet dependancies.
>
> If someone is particularly serious about integrating IPsec and ROHC,
I admit I'm not terribly interested in ROHC. I don't know too much
about it, but I didn't want to exclude it from my draft either.
> another thing worth looking at is whether an the integrity protection
> provided by an esp-rohc combination might well be significantly
> enhanced by doing a MAC over the pre-compressed packet rather than/in
> addition to the current MAC over the ciphertext...
>
Yes, I'd thought about that before, too. If we were free to change the
semantics and functioning of ESP, there's a few more thigns I recall I
was thinking about at the time (my memory is suffering, since this was
a while ago), but I think we'll want to stay within the confines of
the semantics of ESP for now.
jan
> (yes, this is a fairly significant change to ESP...)
>
> - Bill
>
>
>
>
> _______________________________________________
> Ipsec mailing list
> Ipsec@ietf.org
> https://www1.ietf.org/mailman/listinfo/ipsec
>
--
Jan Vilhuber vilhuber@cisco.com
Cisco Systems, San Jose (408) 527-0847
_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec