Ian G <[EMAIL PROTECTED]> writes:
>James A. Donald wrote:
>> I have been considering the problem of encrypted channels over UDP or
>> IP. TLS will not work for this, since it assumes and provides a
>> reliable, and therefore non timely channel, whereas what one wishes to
>> provide is a channel where timeliness may be required at the expense of
>> reliability.
>
>This is what Guus was getting at:
>
>- We needed to tunnel data over UDP, with UDP semantics. SSL requires a
>  reliable stream. Therefore, we had to use something other than SSL to
>  tunnel data.

This is where the OpenVPN developers got it right: Use TLS for the handshake
and IPsec's ESP for the transport. It's been a solved problem for some years
now.

Peter.
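
The split described in the reply above, as an added example (not from the original thread, and not OpenVPN or IPsec code): once a handshake has produced keys, each datagram is protected on its own with a sequence number and an anti-replay window in the style of ESP, so loss and reordering never stall the channel. The packet layout, the HMAC-based stand-in cipher, the 64-packet window, the constructed keys and all names are assumptions made for illustration.

```python
import hashlib, hmac, struct

WINDOW = 64  # anti-replay window in packets (assumed size)

def _xor_stream(key, seq, data):
    # Stand-in cipher for this example only: HMAC-SHA256 in counter mode.
    ks = b""
    while len(ks) < len(data):
        ks += hmac.new(key, struct.pack("!QI", seq, len(ks) // 32), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(enc_key, mac_key, seq, payload):
    """Protect one datagram: 8-byte sequence number | ciphertext | 16-byte tag."""
    hdr = struct.pack("!Q", seq)
    ct = _xor_stream(enc_key, seq, payload)
    return hdr + ct + hmac.new(mac_key, hdr + ct, hashlib.sha256).digest()[:16]

class Receiver:
    def __init__(self, enc_key, mac_key):
        self.enc_key, self.mac_key = enc_key, mac_key
        self.top = 0     # highest authenticated sequence number so far
        self.seen = 0    # bit i set: sequence number (top - i) was accepted

    def open(self, pkt):
        """Return the payload, or None for a forged, replayed or stale datagram."""
        if len(pkt) < 24:
            return None
        hdr, ct, tag = pkt[:8], pkt[8:-16], pkt[-16:]
        seq = struct.unpack("!Q", hdr)[0]
        age = self.top - seq
        if seq == 0 or age >= WINDOW or (age >= 0 and (self.seen >> age) & 1):
            return None
        want = hmac.new(self.mac_key, hdr + ct, hashlib.sha256).digest()[:16]
        if not hmac.compare_digest(tag, want):
            return None
        if age < 0:      # newer than anything seen: slide the window forward
            self.seen = 1 if -age >= WINDOW else ((self.seen << -age) | 1) & ((1 << WINDOW) - 1)
            self.top = seq
        else:            # late but inside the window: mark it as seen
            self.seen |= 1 << age
        return _xor_stream(self.enc_key, seq, ct)

def demo():
    # Constructed keys standing in for keys exported by the TLS handshake.
    ek, mk = b"E" * 32, b"M" * 32
    rx = Receiver(ek, mk)
    p = {n: seal(ek, mk, n, b"voice frame %d" % n) for n in (1, 2, 3)}
    # Packet 2 is lost, 3 arrives before 1, then 3 is replayed.
    return [rx.open(p[3]), rx.open(p[1]), rx.open(p[3])]
```

The window advances only after the tag verifies, so a forged datagram carrying a high sequence number cannot push genuine traffic out of the window.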