That's correct - the TCP headers are not encrypted by any tcpinc security protocol (the TLS profile is similar in this regard). To encrypt TCP headers, something like IPsec is needed.
Thanks, --David > -----Original Message----- > From: Tcpinc [mailto:[email protected]] On Behalf Of Smith, Kevin, (R&D) > Vodafone Group > Sent: Tuesday, March 08, 2016 6:05 AM > To: tcpinc > Subject: [tcpinc] tcpcrypt - what's encrypted? > > Apologies if this is obvious and I've missed it in the docs - but please can > someone > confirm if the TCP protocol itself is encrypted as part of tcpcrypt, i.e. the > ACKs, > MSS, cwnd etc. etc. will not be visible to any middleboxes? A quick test shows > them still visible to a packet capture... > > Cheers > Kevin > > > > > _______________________________________________ > Tcpinc mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/tcpinc _______________________________________________ Tcpinc mailing list [email protected] https://www.ietf.org/mailman/listinfo/tcpinc
