ietf
[Top] [All Lists]

Re: Checksum at IP layer - is it even needed ?

2015-12-14 15:55:24
On Mon, Dec 14, 2015 at 4:50 PM, Alexey Eromenko <al4321(_at_)gmail(_dot_)com> 
wrote:
Just moving to TCP/IP to CRC32 will *not* solve the issue of
middleboxes mangling our data.


isn't the solution to all of this to just use TLS ? (or DTLS for udp)


TLS/SSL is one solution; But there needs to be a solution for
unencrypted traffic also.

sure: "Move to encrypted traffic"

providing any real 'security' (or even 'people did not muck with my
packet') without real crypto is going to send the wrong message.

TCP is supposed to guarantee end-to-end reliability, but sometimes it
doesn't. (and with 2^16 checksums, at modern 1 Gig home links, it
really can't...)

it SEEMS to work just fine... right? or did I miss the general up roar
from users who can't access internet things?

I suppose: "Why are we trying to solve this in tcp/udp? why not solve
this at the application layer with TLS?"