Re: [PMOL] Re: A question about [Fwd: WG Review: Performance Metrics atO

Stephen Kent wrote:
> Joe,
>
> This discussion  seems to have moved from a discussion of crypto use on
> home/office computers, to use in routers. There is no good motivation
> for other than edge (CPE?) routers to make use of IPsec for subscriber
> traffic.
BGP...

> use of IPsec to
> protect BGP is a non-starter, because of where in the router the
> processing would be done (given current router designs).
Yes - and that was the punchline that performance does matter.

> In any case,
> use of IPsec by routers is a very different topic that use in
> home/office computers and ought not be brought into this discussion.
They are two different things, agreed.

> As for the original topic, yes, performance hits come in various flavors
> when we discuss crypto protocol use. For example, there was a good paper
> at NDSS a few years ago that showed how "marshalling" of data in  SSL
> implementations was a very big part of the performance hit. Nonetheless,
> the bottom line is that for mainstream users, most of us are not
> convinced that performance is the primary reason for not using crypto.
If "us" means crypto folk, I agree.

If "us" means the rest of us - who don't use crypto - I am not at all
convinced. There are a variety of other communities who want to use
security - high performance (grid, optiputer), enterprise (huge numbers
of short connections), etc. They all have different reasons for not
using crypto more, but writing off performance would be to continue a
mistake.

I've made that point clear; whether it's actually heard or not isn't
something I have much control over, though.

Joe

signature.asc
Description: OpenPGP digital signature

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf