Protocol Stack chip implantation is imperative, IPSec is an error, and ipsec is imperative
This article is a bit extreme, but may also cater to some people or organizations. This article is short. I will continue to write this topic later. The heart is too painful and the person is too weak.
1. Protocol Stack chip Implantation
If you think that protocol stack chips are consuming materials and eliminating costs, you are wrong. The TCP/IP/Ethernet protocol stack has now become a de facto standard and has not changed for many years. In view of the overhead of circuit design, mold opening, silicon wafer technology, and so on, solidification is generally considered only when things remain unchanged. Otherwise, you will have to pay a huge price and it is not conducive to protecting customers' investment. In fact, the protocol stack has been stable for a long time and has not changed much for a long time. But why is it worth fixing now? Because the CPU of a PC can handle software complexity in the past, it is now a micro-terminal, and its arm cpu cannot afford huge software computing costs. Hardware computing will be better. I am talking about this from the consumer perspective. Although it may be expensive at the beginning, the hardware is like this. In the future, the cost of the early investment will continue to decrease. As for the chip fever problem, this technical problem can be solved, but it is difficult to solve the consumer's inertia problem.
Why do many people or organizations do not want to do this? The first consideration is the cost. I do not know much about economics, but I do not understand it completely. I understand that the current big brands are not in the hands of consumers, which is a bad precursor. In fact, technology is leading consumers. If there is no 1nm Technology (exaggerated, people in the Department are not really good), then consumers will not use it. It is so simple, it doesn't mean that the consumer needs it. Intel and TSMC will certainly be able to do it. Big names are also not in the hands of Huawei haisi. Designing a chip is one thing. This is not the time from the end of the Middle Ages to the age of the 19th century. In that time, what do I need? You have to do it for me. You cannot do it. I am looking for someone else! In that era, Louis 14th, Sun King, and Napoleon was created...
Things worth fixing are common things. With the popularity of home terminals and the diversity of Internet services, the family outlets may encounter bottlenecks sooner or later. This bottleneck is not from hardware, but is supported by hardware breakthroughs. Wait.
2. About IPSec
IPSec is reversing history. As I mentioned earlier, it is a silly idea to encrypt video streams using an IP-layer VPN. The network layered model is dead. I spoke on the premise of my long-term research in this field. It is not a matter of concern to companies or individuals in this field. If you want to solve a specific problem or be under coercion, do it. In the end, the technology is metaphysical. If it is just a study, it will be wrong. Just like me, I can say and make any details of A field, such as A, but I still say that A is A zombie, half of which is A metaphysical understanding, the other half is devout.
The topic of security is originally related to applications, not just data security in some traditional ideas, because security operations will affect data behavior. It is silly to encrypt a video stream with a ECB. Encryption should be performed immediately after the video is encoded, rather than in a BOX that has no knowledge but needs to be guessed, I have always seen that you are working hard. Video is just an example. There are all kinds of examples. How stupid it is to use the legacy IPSec for Unified IP layer encryption! The IP layer is a simple, simple, and best-effort service without connection. IPSec adds two one-way SA, which makes an IP stream a two-way stream in the sense of security. It is true that IPSec was successful in the file transmission age, but now it is doomed to fail. Application-aware security is automatically implemented by the application. There is no uniform IP layer security solution. If you want to do this, you need to barely guess about the data packet content, in-depth parsing, and so tired.
Why should we cater to TCP because there are many scenarios?
It continued in August 2.
Copyright Disclaimer: This article is an original article by the blogger and cannot be reproduced without the permission of the blogger.