[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GSE

To: Francis Dupont <Francis.Dupont@enst-bretagne.fr>
Subject: Re: GSE
From: Iljitsch van Beijnum <iljitsch@muada.com>
Date: Sat, 22 Feb 2003 16:30:29 +0100 (CET)
Cc: <multi6@ops.ietf.org>
In-reply-to: <200302221500.h1MF0Oof044344@givry.rennes.enst-bretagne.fr>

On Sat, 22 Feb 2003, Francis Dupont wrote:

>    Is there a good write-up of HIP yet?

> => draft-jokela-hip-packets-xx.txt and old I-Ds by Robert Moskowitz.

Excellent, I'll look them up.

>    But you can't do routing over IPsec tunnels, so you need another
>    GRE tunnel.

> => fortunately this is not 100% true.

I meant "routing protocols" here.

>    Then comes the ESP overhead, which is actually fairly small but they
>    chose to inlcude padding, which IMO was a mistake. Also, the
>    initialization vectors eat up a fair number of bytes, while it wouldn't
>    be very hard to come up with a scheme where the IV isn't carried inside
>    the packet.

> => both are properties of the algorithm(s), not of ESP itself.

Yes, padding and IVs are necessary. But that doesn't mean they have to
be carried in the packets. If you use a stream cipher you don't need to
pad. IVs can be generated independently by both ends from pre-shared
information.

References:
- Re: GSE
  - From: Francis Dupont <Francis.Dupont@enst-bretagne.fr>

Prev by Date: Re: GSE
Next by Date: Re: GSE
Previous by thread: Re: GSE
Next by thread: Re: GSE
Index(es):
- Date
- Thread