Yes, when Kris originally proposed this earlier, we came agreement that there are cases where the UDP checksum may be elided simply because it's matched or exceeded by other mechanisms.
On the topic of security, I'm not so sure I would've chosen a method closer to TLS, by putting it on top of UDP. I would've preferred a method that is closer to IPsec, removing any binding to transport layer yet still remains end-to-end. While I agree that IPsec, as specified, is a little heavyweight. I think it's reasonable for us to mirror IPsec ESP, as in RFC4309, except using less bytes for IV and ICV. Key management, of course, is a different beast, and I'm not proposing to support IKE on 6LoWPAN nodes. -- Jonathan Hui Pascal Thubert (pthubert) wrote: > Hi: > > Per RFC 4944: > "The UDP header's checksum field is not compressed and is therefore > carried in full." > > The UDP checksum is not the only way to protect the IP pseudo header, > the UDP header and the payload. > ISA 100.11a is defining a transport-level security that does all this > and more, since it has a larger signature and provides mutual > authentication at the same time. > > Also, the ISA100.11a transport-level security is usually > hardware-assisted, so it requires little power or CPU time on the field > device, whereas UDP checksum will be a costly CPU operation. > > So ISA100.11a is an example where the UDP checksum could and actually > should be compressed over the LoWPAN, leaving it up to be reconstructed > by a backbone router should the packet go any further than the LOWPAN > itself. > > Since bit 3 in the HC-UDP header is reserved anyway, it makes sense to > standardize it to mean that the UDP checksum is compressed, provided > that the headers and payload are equally or better protected than if the > checksum was used. > > Note: that would be bit 7 in my HC3 proposal. As a result, the complete > HC3 proposal could save us up to 4 additional bytes over RFC 4944 for a > UDP packet. > > What do you think? > > Pascal > _______________________________________________ > 6lowpan mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/6lowpan _______________________________________________ 6lowpan mailing list [email protected] https://www.ietf.org/mailman/listinfo/6lowpan
