[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: HIP and PKI reqs [RE: Identifier/locator recap]
On Mon, 17 Mar 2003, Michael Richardson wrote:
> Pekka> However, my complaint with HIP model is that it seems so closely
> Pekka> tied to ESP and security.
> Why is this a problem for you?
I can't speak for anyone else, but there are many times I have no need
to obfuscate my communications. In those cases, why should I suffer the
bandwidth, CPU and management overhead of IPsec? (In IPv6 everything
will configure pretty much automatically but doing IPsec of course fully
negates (and more) this advantage.)
> I think that we very much need better security. This is end-to-end
> security. P4s don't even notice doing 3DES (let alone AES), and TPCA may
> put hardware accelerators on every motherboard.
This is hardly true: 3DES maxes out at around 200 Mbps if we are to
In high speed networking, every copy cycle hurts. So how can encryption
be "free"? Also, even if I have a P4 at my disposal (which I don't) I
could very well need the CPU time for something else. And on mobile
devices, this eats up battery power unnecessarily.
There is often a need for crypto. However, there is also often a need to
_not_ have crypto.