[e2e] How TCP might look with always there ESP

Craig Partridge craig at aland.bbn.com
Tue Jul 17 09:19:28 PDT 2001


In message <5.1.0.14.2.20010717091427.02495ea0 at localhost>, Robert Moskowitz writes:

>First we would drop the CRC checksum.  All of the ESP auth methods are much 
>stronger.

Surprisingly no, you can't claim that one method of error detection is better
than another until and unless you define an error model to serve as the
basis of comparison.  ESP is no better than a checksum of the same length
in the absence of an error model (per the checksum discussion on this list
and Jonathan Stone's impending dissertation).

>But what about sequence numbers?  ESP has a seq # also.  Can it be used in 
>place of TCP's?  What restrictions need be placed on ESP's seq #?

You need to be able to wrap the ESP sequence number (TCP places no
constraints on the length of the data, ESP, with its requirement of
ever increasing sequence numbers, does) or link one ESP session with
another, seamlessly (which incidentally, we're already looking at in the
context of very high speed ESP support as the ESP sequence space is
too small).

Craig
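
The sequence-number point in the reply above, as an added Python sketch that is not part of the original message: TCP compares sequence numbers modulo 2**32 and so may wrap, while an ESP counter that must keep increasing runs out and a wrapped value falls outside the receiver's replay window. The 32-bit field width follows RFC 2406; the 64-packet window, the class and function names, and the 1 Mpps rate are assumptions made for this illustration.

```python
MOD = 1 << 32   # 32-bit sequence field, as in TCP and ESP (RFC 2406)
WINDOW = 64     # anti-replay window size in packets (assumed for this sketch)

def tcp_seq_lt(a, b):
    """TCP-style comparison: a precedes b modulo 2**32, so wrapping is legal."""
    return a != b and ((b - a) % MOD) < (MOD >> 1)

class EspSender:
    """Hypothetical sender: the counter only increases and must never cycle."""
    def __init__(self, start=0):
        self.counter = start

    def next_seq(self):
        if self.counter == MOD - 1:
            raise OverflowError("sequence space exhausted: a new SA is needed")
        self.counter += 1
        return self.counter

class EspReceiver:
    """Hypothetical receiver: sliding-window replay check, no modular wrap."""
    def __init__(self):
        self.top = 0      # highest sequence number accepted so far
        self.bitmap = 0   # bit i set means (top - i) was already seen

    def accept(self, seq):
        if not 0 < seq < MOD:
            return False
        if seq > self.top:                      # advances the window
            shift = seq - self.top
            mask = (1 << WINDOW) - 1
            self.bitmap = 1 if shift >= WINDOW else ((self.bitmap << shift) | 1) & mask
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= WINDOW or self.bitmap & (1 << offset):
            return False                        # too old, or a replay
        self.bitmap |= 1 << offset
        return True

def seconds_to_exhaust(packets_per_second):
    """Lifetime of one sequence space at a constant packet rate."""
    return (MOD - 1) / packets_per_second

if __name__ == "__main__":
    rx = EspReceiver()
    print(tcp_seq_lt(MOD - 1, 5), rx.accept(MOD - 1), rx.accept(5))
    print(seconds_to_exhaust(1_000_000))  # constructed rate: 1 Mpps
```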


