Christian Hopps writes:
> The replay window does not need to be the same size as the reorder
> window.
But effectively it is same as there is no use of having them
different.
If my reorder window is set to 2, and my replay window is set to 1000,
if there is any reorderining happening then even w
I feel like this is going in circles.
If you have a slow link, which is what you were highlighting, you set your
re-order window to 0 -- you don't need to guard against reordering.
If you still want to detect replay attacks though, you leave your replay window
at some large number. The replay
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the IP Security Maintenance and Extensions WG of
the IETF.
Title : Labeled IPsec Traffic Selector support for IKEv2
Authors : Paul Wouters
On Tue, 4 May 2021, internet-dra...@ietf.org wrote:
Subject: [IPsec] I-D Action: draft-ietf-ipsecme-labeled-ipsec-05.txt
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-ipsecme-labeled-ipsec-05
No major changes. Mostly a bump to prevent expirat
