Hi,
IMO We need to add the following enhancements to IPsec if we want to
include handling of Dummy packets and TCP arbitrary padding
Dummy packets
=
1). We need to add bits in odp_ipsec_warn_t to indicate the reception
of dummy packets so that when an IPsec implementation receives an
On Tue, Nov 28, 2017 at 9:28 AM, Dmitry Eremin-Solenikov <
dmitry.ereminsoleni...@linaro.org> wrote:
> Hello,
>
> On 20/11/17 18:23, Bill Fischofer wrote:
> > Traffic Flow Confidentiality (TFC) is a feature of SAs according to RFC
> > 4303 that must be negotiated on a per-SA basis before it is use
Hello,
On 20/11/17 18:23, Bill Fischofer wrote:
> Traffic Flow Confidentiality (TFC) is a feature of SAs according to RFC
> 4303 that must be negotiated on a per-SA basis before it is used. So
> This would need to be hooked into higher-level protocols.
>
> From an ODP perspective, it would be an
Traffic Flow Confidentiality (TFC) is a feature of SAs according to RFC
4303 that must be negotiated on a per-SA basis before it is used. So This
would need to be hooked into higher-level protocols.
>From an ODP perspective, it would be an additional set of parameters on the
odp_ipsec_sa_create()
Hello,
I was thinking about another minor part of IPsec RFCs: dummy packets
used to mask traffic statistics. IPsec implementation is required to
drop ESP packets with NH = 59 (no next header) on receiver side and is
expected to be able to generate these packets on transmitter side.
Currently we do