>I cannot answer for the performance but if I was worried about making sure I
>got the correct time I'd be more likely to be concerned about authenticating
>the server than encrypting the contents. Encryption doesn't do a thing for
>ensuring you got a valid packet.
You don't need data confidentiality, but you do need data integrity and
anti-replay, both of which you get from the integrity part of IPSec. This is
a place where the integrity-only cipher suites are applicable.
paul
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
