Hello,

>> The impact of connectionless vs. connection is not very significant when
>> discussing the protocol's *security*, IMO.
>
> So I gather that as far as you're concerned a network "protocol" solely
> consists of the format of the innermost PDU?

No. The point I tried to make was that the *security properties* of a protocol can be made mostly independent of the layer 4 transport. That's why I put *security* in *bold*. That's what I thought this thread was supposed to be about. I am not trying to argue that connectionless and connection-oriented transports are the same thing (what a fool would I be). TLS and DTLS are a good example in that respect: they deliver very similar, maybe even identical (I don't dare judge on that), security properties even though one is using a connection-oriented, the other one a connectionless transport layer.

>> Well, it's _almost_ RADIUS, especially if one takes into account the
>> mechanisms in RADIUS to detect duplication, retransmission etc, which
>> already contains parts of the merits of TCP.
>
> By that logic, a cobra is _almost_ a pigeon.
[...]
> Only if snakes are almost birds...

You lost me here. I thought I had provided some *arguments* that show the similarities between RADIUS+DTLS and RadSec. Instead of countering that with reason, you counter it by throwing strange anatomical claims at me (which you don't bother to further explain - but I guess that's for the better since it is largely OT anyway). Forgive me if I ignore that part of your post.

Stefan

--
Stefan WINTER
Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
Ingenieur Forschung & Entwicklung
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
E-Mail: stefan.winter@restena.lu Tel.: +352 424409-1
http://www.restena.lu Fax: +352 422473