On 7/29/14 1:58 AM, "Christian Huitema" <huit...@huitema.net> wrote:
>Let look at TCP + crypto. It has to compete with two established >standards. >On one hand, TLS, which is easily deployed but does not protect any of the >TCP headers. On the other hand, IPSEC, which is harder to deploy but does >protect the TCP header. A secure version of TCP only makes sense if it >protects the headers better than TLS and is easier to deploy than IPSEC. I don't think TLS is so easy to deploy. TCP is used in a wide variety of environments; that's one of its attractions. One of the attractions of TCPcrypt is its aim to be deployable wherever TCP can be, which is a bigger space than where TLS is convenient. That's my hope for the WG. _______________________________________________ Tcpinc mailing list Tcpinc@ietf.org https://www.ietf.org/mailman/listinfo/tcpinc