Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

RE: [LinkSec] RE: algorithm choices - criteria

To: "Johnston, Dj" <dj.johnston@intel.com>
Subject: RE: [LinkSec] RE: algorithm choices - criteria
From: Russ Housley <housley@vigilsec.com>
Date: Thu, 04 Sep 2003 14:32:18 -0400
Cc: <stds-802-linksec@ieee.org>
In-Reply-To: <F22B971160628F46BCDDF9E1F33494330F2555@orsmsx403.jf.intel.com>
Sender: owner-stds-802-linksec@majordomo.ieee.org


DJ:

>Putting the mode specific fields in the payload is the right approach
>for all the usual reasons (layering, futureproofing, HW/SW flexibility
>etc.). The counter argument is that is contracts the MTU in the payload
>and this may be a problem for some manufacturers. I'm not sure how
>putting the security fields outside the payload would be less of a
>problem, but that's the argument for what its worth.

SDE had this problem too.  It turned out to be a problem in practice, and 
fragmentation was added to the SDE standard to handle it.  It is very 
simple fragmentation because there are never more than two fragments.  When 
management was available, the max MTU was set smaller to allow for the 
crypto expansion.  This a much cleaner solution.

>I'm not allowed to think about frame formats until the end of next week
>due to 802.16 and 802 handoff..

You have such a compartmented life ...

Russ

References:
- RE: [LinkSec] RE: algorithm choices - criteria
  - From: "Johnston, Dj" <dj.johnston@intel.com>

Prev by Date: Re: [LinkSec] RE: algorithm choices - criteria
Next by Date: RE: [LinkSec] RE: algorithm choices - criteria
Prev by thread: RE: [LinkSec] RE: algorithm choices - criteria
Next by thread: RE: [LinkSec] RE: algorithm choices - criteria
Index(es):
- Date
- Thread