On Thu, 18 Jun 2020, Dang, Quynh H. (Fed) wrote:
> Hi Panos and Scott,
> That was exactly what I was thinking. We have been working remotely.
> One could have more than 300 kbytes for a pair of (public key + ciphertext and
> public key + sig). The latter public key may be replaced by a
> cert chain.
> The impact varies from one situation to another I think.
> Speaking as a previous IPsec implementor, the biggest concern I had over IKE
> performance was in the 'flash crowd' scenario; that is, you're an
> IPsec-based security gateway, and then suddenly everyone wanted to negotiate
> with you. This can happen if it's 8:00 AM (and everyone just
> arrived at work), or if you're a back-up gateway, and then the primary gateway
> just failed.
We have RFC 5685 REDIRECT for that. If your server becomes too busy, it
can redirect new or existing clients to another gateway, provided that
other gateway will authenticate itself identically to this gateway.
I don't think the key sizes really matter here. Even if computation is
2x or 3x more CPU intensive, from an "overloaded server" point of view
that just means "redirect if at 3000 clients" vs "redirect if at
2000 clients".
Paul
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
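The REDIRECT mechanism Paul points to, as an added example that is not from this thread or from any IKE implementation: it encodes and parses the RFC 5685 REDIRECT notification data, derives the responder's load threshold from the per-handshake cost multiplier, and applies the initiator-side checks (nonce echo, allowed-gateway list, redirect limit) that make following an unauthenticated IKE_SA_INIT redirect safe. The gateway addresses, nonce and capacity figures are constructed sample values.

```python
import hmac
import ipaddress
import struct

# GW Ident Type values from RFC 5685 section 6.
GW_IDENT_IPV4, GW_IDENT_IPV6, GW_IDENT_FQDN = 1, 2, 3


def build_redirect(gateway: str, nonce: bytes) -> bytes:
    """Encode REDIRECT notify data: GW Ident Type (1 octet), GW Ident Len
    (1 octet), New Responder GW Identity, then the initiator's nonce echoed
    back (present when the redirect happens in the IKE_SA_INIT response)."""
    try:
        addr = ipaddress.ip_address(gateway)
        ident = addr.packed
        itype = GW_IDENT_IPV4 if addr.version == 4 else GW_IDENT_IPV6
    except ValueError:                      # not an IP literal: treat as FQDN
        ident = gateway.encode("ascii")
        itype = GW_IDENT_FQDN
    return struct.pack("!BB", itype, len(ident)) + ident + nonce


def parse_redirect(data: bytes) -> tuple:
    """Decode REDIRECT notify data; rejects truncated or mistyped identities."""
    itype, ilen = struct.unpack("!BB", data[:2])
    ident, nonce = data[2:2 + ilen], data[2 + ilen:]
    if len(ident) != ilen:
        raise ValueError("truncated gateway identity")
    if itype == GW_IDENT_IPV4 and ilen == 4:
        return str(ipaddress.IPv4Address(ident)), nonce
    if itype == GW_IDENT_IPV6 and ilen == 16:
        return str(ipaddress.IPv6Address(ident)), nonce
    if itype == GW_IDENT_FQDN:
        return ident.decode("ascii"), nonce
    raise ValueError("bad gateway identity type/length")


def redirect_threshold(base_clients: int, cpu_multiplier: float) -> int:
    """Responder side of Paul's argument: a handshake that costs N times more
    CPU just lowers the client count at which the gateway starts redirecting."""
    return int(base_clients / cpu_multiplier)


def should_follow(data: bytes, my_nonce: bytes, allowed_gateways: set,
                  redirects_so_far: int, max_redirects: int = 3) -> tuple:
    """Initiator policy for an IKE_SA_INIT redirect: the echoed nonce must match
    the one we sent (so a spoofed response cannot steer us), the target must be
    a gateway we already expect to authenticate with the same credentials, and
    the number of hops is capped so a chain of redirects cannot stall us."""
    gw, nonce = parse_redirect(data)
    if not hmac.compare_digest(nonce, my_nonce):
        return (False, gw)
    if gw not in allowed_gateways or redirects_so_far >= max_redirects:
        return (False, gw)
    return (True, gw)
```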