Joe,
This discussion seems to have moved from a discussion of crypto use
on home/office computers, to use in routers. There is no good
motivation for other than edge (CPE?) routers to make use of IPsec
for subscriber traffic. We know, from discussions with operators,
that use of IPsec to protect BGP is a non-starter, because of where
in the router the processing would be done (given current router
designs). In any case, use of IPsec by routers is a very different
topic that use in home/office computers and ought not be brought into
this discussion.
As for the original topic, yes, performance hits come in various
flavors when we discuss crypto protocol use. For example, there was a
good paper at NDSS a few years ago that showed how "marshalling" of
data in SSL implementations was a very big part of the performance
hit. Nonetheless, the bottom line is that for mainstream users, most
of us are not convinced that performance is the primary reason for
not using crypto.
Steve
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf