In message <[EMAIL PROTECTED]>, Brian E Carpenter writes:
>Catching up after some delay and being able to discuss this
>in person with Francis yesterday...
>
>Steve Deering wrote:
>>
>> At 5:30 PM -0600 12/1/00, Brian E Carpenter wrote:
>> >Francis Dupont wrote:
>> >...
>> > > => just associate a QoS to a SPI and send the information (ie. how to
>> > > classify packets (addresses, ..., SPI) and the QoS) to the classifier
>> > > (which is by definition on-path).
>> >
>> >Wrong model. That requires signalling; diffserv doesn't have signalling.
>> >
>> >This works for RSVP as itojun explained, but it doesn't work for diffserv.
>>
>> I'm getting confused. The Flow label is intended for intserv, so why
>> are you talking about subverting it (or the SPI) for diffserv?
>
>Because diffserv has a problem if it needs to re-classify encrypted
>traffic, since the port & protocol #s are hidden. However, the idea
>of an extension header is *much* better than subverting the flow
>label.
>
Apart from the fact that I don't understand why diffserv would need to
reclassify something that has already been classified, I don't think
that we can manage an extension header. I tried -- the tf-esp effort
-- but there was too much opposition, including several IAB and IESG
members, and a lot of the IPsec community.
--Steve Bellovin
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
