On Sat, Jun 05, 2010 at 05:57:55PM -0400, Thor Lancelot Simon wrote: > IPKDB used a custom MD5-based packet hash for "security". I actually > think it would probably be very easy to support a single IPsec ESP > security association instead. The hair with IPsec is all with key > negotiation. Don't bother, and don't do some things like replay > protection, and ESP is a very simple, compact little shim layer on IP.
If you want to secure the link, having a fixed AES key and including a SHA1 hash would provide most of the security with very little complexity. Joreg