On 25 mrt 2008, at 16:10, Dan Wing wrote:
...
And yes, the issues I referred to are DoS and TCP spoofing.
These can only be protected against at the network level.
What are your thoughts on DTLS's DoS and spoofing protection?
Looks like this is mostly similar to IPsec except that the port
At Wed, 26 Mar 2008 13:25:20 +0100,
Iljitsch van Beijnum wrote:
On 25 mrt 2008, at 16:10, Dan Wing wrote:
...
And yes, the issues I referred to are DoS and TCP spoofing.
These can only be protected against at the network level.
What are your thoughts on DTLS's DoS and spoofing
On 26 mrt 2008, at 14:36, Eric Rescorla wrote:
- Modern cryptographic implementations are extremely fast. For
comparison the MacBook Air I'm typing this on will do order 10^6
HMAC-MD5s/second on 64-byte packets. So, to consume all my
resources would require order 10^8 bits per second,
At Wed, 26 Mar 2008 15:01:21 +0100,
Iljitsch van Beijnum wrote:
On 26 mrt 2008, at 14:36, Eric Rescorla wrote:
- Modern cryptographic implementations are extremely fast. For
comparison the MacBook Air I'm typing this on will do order 10^6
HMAC-MD5s/second on 64-byte packets. So, to
At Wed, 26 Mar 2008 07:32:41 -0700,
Eric Rescorla wrote:
At Wed, 26 Mar 2008 15:01:21 +0100,
Iljitsch van Beijnum wrote:
On 26 mrt 2008, at 14:36, Eric Rescorla wrote:
- Modern cryptographic implementations are extremely fast. For
comparison the MacBook Air I'm typing this on
On 24 mrt 2008, at 18:58, Jari Arkko wrote:
Now, if we had a proposal that turned IPsec into as easily deployable
between random clients and known servers as TLS, I would be interested
in a new experiment! But I did not see a proposal for that yet. Maybe
time for that draft that Phillip
Iljitsch van Beijnum wrote:
...
And yes, the issues I referred to are DoS and TCP spoofing.
These can only be protected against at the network level.
What are your thoughts on DTLS's DoS and spoofing protection?
-d
___
IETF mailing list
On 24 mrt 2008, at 18:58, Jari Arkko wrote:
Now, if we had a proposal that turned IPsec into as easily deployable
between random clients and known servers as TLS, I would be interested
in a new experiment! But I did not see a proposal for that yet. Maybe
time for that draft that Phillip