[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: is 1 Gbps a MUST?
Hi all, What John states below is accurate. In addition, even if we were to approve this mandate in the IPS WG (which we are not), I do not believe that the IESG will allow the specification to go forth if it is specified in the specification that encryption MUST occur at a minimum of 1 Gbps. There is no technically valid reason to make this a requirement. On the other hand, it is entirely appropriate to indicate in the spec that the PROTOCOL itself MUST be capable of supporting 1 Gbps. Thanks, Elizabeth IPS Co-chair -----Original Message----- From: firstname.lastname@example.org [mailto:email@example.com] On Behalf Of John Hufferd Sent: Friday, February 22, 2002 1:59 PM To: firstname.lastname@example.org Cc: email@example.com; firstname.lastname@example.org; email@example.com; firstname.lastname@example.org; email@example.com Subject: RE: is 1 Gbps a MUST? Folks, There will be folks that will operate on 100 Mb/s links and will use iSCSI with Encryption. To say that they do not comply with the spec, for that reason, is a bit silly. Likewise, I believe there will be many desktops and laptops that will support 10/100/1000 ethernet adapters and be thrilled with 300 Mb/s, it is also not reasonable to say that they can not claim compliance. The spec is intended to say that the protocol must be capable of being supported at 1 Giga bit per second. I think most of us agree that it is. So to say that those folks that do not operate at gigabit speed are non compliant is inappropriate. . . . John L. Hufferd Senior Technical Staff Member (STSM) IBM/SSG San Jose Ca Main Office (408) 256-0403, Tie: 276-0403, eFax: (408) 904-4688 Home Office (408) 997-6136, Cell: (408) 499-9702 Internet address: firstname.lastname@example.org email@example.com@ece.cmu.edu on 02/22/2002 10:54:15 AM Sent by: firstname.lastname@example.org To: email@example.com cc: firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com Subject: RE: is 1 Gbps a MUST? Hi Fred, | |I won't respond to the wording of the draft, but to the sense |that it must |be intended to convey. If the wording doesn't convey this, it is the |wording which must change. | |It seems to me that if the transfer of encrypted data at |nominal link rates |is expected, then encryption and decryption must be achieved |at link rates. |If 1 GBPS link rates are in view, guess what rates are |important. If 10 GBPS... Unfortunately some believe that they can be iSCSI compliant by having a slow implementation of IPSec and claiming that most traffic will not require security processing. I am not one of those persons. I think that at least the policy check must occur at link speed regardless of what proportion of traffic requires security processing. | |It seems to me that the question is not whether or not you are |mandated to |implement IPSEC in software, but what you need to do to |accomplish link |speed encryption and decryption. Hardware and software are |duals; you can |implement the algorithm either way, and the trade-off is money |vs speed. I agree, and I did not mean to imply otherwise. I am trying to gather opinions from this group on whether link speed encryption/decryption is necessary, especially now that Bernad Aboba has clarified that the spec does not mandate it. Vince
Last updated: Fri Feb 22 17:18:01 2002
8859 messages in chronological order