[6953] in cryptography@c2.net mail archive
Re: key agility and IPsec
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Thu Apr 27 14:49:59 2000
From: "Steven M. Bellovin" <smb@research.att.com>
To: Ron Rivest <rivest@theory.lcs.mit.edu>
Cc: cryptography@c2.net
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Thu, 27 Apr 2000 12:39:32 -0400
Message-Id: <20000427163933.EAD3335DC2@smb.research.att.com>
I should have added one further point to my note.
In one respect, my figures do support your position. The upstream traffic,
which was required a larger cache, was also a significantly slower stream,
both in packets and in bytes. That provides a lot more headroom for key
setup. And while that is based on today's traffic mix, I think that in many
respects that is unlikely to change -- central sites will always be bigger,
with more data, and thus the dominant data flow will be towards the remote
sites. (There may also be balanced streams, such as voice or video, but I
don't expect data transfers to go away.)
--Steve Bellovin
