Re: Higher level question about flow label

[Bill Sommerfeld]

>    Huh? I thought that one of the requirements for ESP was to
>    copy the DSCP to the outer header. If I recall correctly,
>    this bothers some people from a traffic analysis standpoint,
>    but that seems to be part and parcel with QoS so that doesn't
>    hold much water IMO.

It seems that it would be appropriate for an implementation to
"reclassify" packets at the time of encapsulation into ESP -- the
packet is, after all, going through a logical trust boundary as it's
being encrypted..

This reclassification could involve copying the inner DSCP into the
outer header, or it could involve painting all packets the same shade
of black to discourage traffic analysis, or running it through some
other mapping function.

                                                - Bill
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------