> On Feb 17, 2015, at 9:38 PM, Daniel Migault <[email protected]> wrote:
>
> Hi Scott,
>
> Thanks for the feed back, this is clearly some text that needs to be added to
> draft. So options to deal with the compression of the ICV are:
> - a) Allowing ICV compression with some restrictions like the ones you
> mention.
> - b) Not allowing ICV compression and explicitly listing encryption
> algorithms with small ICV
I am opposed to any “diet ESP” proposal that weakens the security properties of
the protocol. Bandwidth reduction is a somewhat interesting goal, and if you
can trim down ESP while leaving its strength unchanged (or improved of course),
fine. If it weakens it, I disapprove.
paul
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
