On Wed, 2012-08-08 at 15:41 +0200, Jan Engelhardt wrote: > On Wednesday 2012-08-08 14:25, Arif Hossain wrote: <snip> > Complicated? No, not at all. http://inai.de/2008/02/24 > Heavyweight? Neither. The RSS is ~5 MB, most of which is pretty much > glibc anyway. > If clients are mainly embedded devices, and most of the time, all we can do is to install a software on them, then is it feasible to use IPSEC? At this moment we are including the cryptography in the software we provide for them, and many low end mobile devices has severe memory limitation. Just for an example, we used tls for only the initial session establishment, not the original data, and it proved very inefficient so we had to abandon the thing completely. The limitations of clinet devices forces us to use a very lightweight and easy to implement (so that we can implement it in the limited environment present in client devices) algorithms. > -- > To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
