[e2e] How TCP might look with always there ESP
Robert Moskowitz
rgm-ietf at htt-consult.com
Wed Jul 18 05:43:21 PDT 2001
At 08:00 PM 7/17/2001 +0100, Lloyd Wood wrote:
>Even with robust widely-deployed ESP in a sensible security framework,
>you'd still need a form of TCP for session management. By having ESP
>take over TCP's session management, aren't you effectively
>compromising the security model?
Never considered doing away with TCP session management, or rather
re-inventing it. A number of us now view ESP as layer 3.5, and if done
properly would allow for a layer 4 to readily traverse many layer 3
'realms'. For example, NATed to public to NATed. Or IPv6 to IPv4 to IPv6.