Re: TO COMPRESS OR NOT TO CMPRS (please reply)

Stephen Kent <kent@bbn.com> Fri, 28 February 1997 23:42 UTC

Message-Id: <v03007800af3c9ddf5ce9@[128.89.0.110]>
In-Reply-To: <199702280544.VAA15002@servo.qualcomm.com>
References: <199702191422.JAA02189@jekyll.piermont.com> (perry@piermont.com)
Date: Fri, 28 Feb 1997 18:35:51 -0500
To: Phil Karn <karn@qualcomm.com>
From: Stephen Kent <kent@bbn.com>
Subject: Re: TO COMPRESS OR NOT TO CMPRS (please reply)
Cc: perry@piermont.com, rmonsour@earthlink.net, ipsec@tis.com

Phil,

	Just a minor correction: let's not refer to SSL or SSH as
"transport layer" security protocols.  These protocols operate above the
transport layer.  I'd call SSL a session layer security protocol, if I had
to attach a label.  TLSP is an example of a transport layer security
protocol, i.e., it is integrated into the transport layer, not layered on
top.  Also, one additional downside of session layer security protocols is
the possible dependence on the ordering provided by the transport layer
protocol.  In the case of SSL, this means that an attack on TCP can quickly
kill the SSL session, requiring a new SSL session to be created, while TCP
thinks that everything is just fine...

Steve
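
The ordering dependence described in the message above, as an added example that is not part of the original message: a toy model in which the same unauthenticated bytes end a session layered above an ordered stream, while a receiver that authenticates each packet before accepting it drops them and carries on. All names, the key, the HMAC-SHA256 tag and the framing are constructed for illustration and are not the SSL or TLSP formats.

```python
import hashlib, hmac, struct

KEY, TAG = b"constructed-demo-key", 32  # constructed key; HMAC-SHA256 tag length

def mac(key, seq, payload):
    return hmac.new(key, struct.pack(">Q", seq) + payload, hashlib.sha256).digest()
def seal_record(key, seq, payload):  # layered: sequence number is implicit
    return struct.pack(">H", len(payload)) + payload + mac(key, seq, payload)
def seal_packet(key, seq, payload):  # integrated: sequence number in each packet
    return struct.pack(">Q", seq) + payload + mac(key, seq, payload)

class LayeredSession:
    """Record layer above an ordered byte stream that it trusts for ordering."""
    def __init__(self, key):
        self.key, self.seq, self.buf, self.alive, self.out = key, 0, b"", True, []
    def feed(self, data):
        if not self.alive:
            return
        self.buf += data
        while len(self.buf) >= 2:
            n = struct.unpack(">H", self.buf[:2])[0]
            if len(self.buf) < 2 + n + TAG:
                return
            payload, tag = self.buf[2:2 + n], self.buf[2 + n:2 + n + TAG]
            self.buf = self.buf[2 + n + TAG:]
            if not hmac.compare_digest(tag, mac(self.key, self.seq, payload)):
                self.alive = False  # record boundaries are lost; session must end
                return
            self.out.append(payload)
            self.seq += 1

class IntegratedReceiver:
    """Authenticates each packet before accepting it into the sequence."""
    def __init__(self, key):
        self.key, self.next_seq, self.out = key, 0, []
    def receive(self, pkt):
        seq, payload, tag = int.from_bytes(pkt[:8], "big"), pkt[8:-TAG], pkt[-TAG:]
        if seq != self.next_seq or not hmac.compare_digest(tag, mac(self.key, seq, payload)):
            return  # drop; receiver state is untouched
        self.out.append(payload)
        self.next_seq += 1

def run_demo():
    forged = b"\x00" * 40  # constructed bytes with no valid MAC
    a, b = LayeredSession(KEY), IntegratedReceiver(KEY)
    for chunk in (seal_record(KEY, 0, b"one"), forged, seal_record(KEY, 1, b"two")):
        a.feed(chunk)  # the stream below delivered every chunk as in-order data
    for pkt in (seal_packet(KEY, 0, b"one"), forged, seal_packet(KEY, 1, b"two")):
        b.receive(pkt)
    return a.alive, a.out, b.out
```

In the layered case the stream below has already consumed the forged bytes as valid data, so nothing at that level signals a fault and the only recovery is a new session.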