[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Move TS to optional (RE: Don't remove TS from IKEv2)

To: "Sankar Ramamoorthi" <Sankar.Ramamoorthi@xxxxxxxxx>
Subject: RE: Move TS to optional (RE: Don't remove TS from IKEv2)
From: Stephen Kent <kent@xxxxxxx>
Date: Wed, 27 Mar 2002 20:24:02 -0500
Cc: "IP Security List" <ipsec@xxxxxxxxxxxxxxxxx>
In-reply-to: <>
References: <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

I think it worth noting that there is considerable pressure to not make the ESP header any larger. Good engineering practice suggests that if additional signaling info is needed only infrequently, relative to the vast majority of traffic sent on an SA, then it makes more sense to perform the signalling in a fashion that does not increase the size of the header for the vast majority of the traffic, and that does not add additional processing burden (e.g., examination of any part of the packet) for that vast majority. The ESP header has no spare bits available for signalling; it consists of only the the SPI and the sequence number. Adding info to the trailer would violate the second of my suggestions above, re additional examination. I'd suggest we think in terms of additional phase 2 exchanges in SOI.

Steve

References:
- RE: Move TS to optional (RE: Don't remove TS from IKEv2)
  - From: Sankar Ramamoorthi

Prev by Date: RE: pre-shared key v RSA encryption or RSA signatureauthentication modes
Next by Date: User interface ciphersuites for IKEv2
Previous by thread: RE: Move TS to optional (RE: Don't remove TS from IKEv2)
Next by thread: RE: Move TS to optional (RE: Don't remove TS from IKEv2)
Index(es):
- Date
- Thread