Re: ESP revisions straw poll

["Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>]

>Thus the argument becomes where will the null encryption transform
>get documented - as a MAY IMPLEMENT component of the base ESP specification
>having no effect on compliance, or in a separate transform document.

If some people really want it, then they can go ahead and write their
own transform document. It should never appear in the base ESP
document. I'd much rather have vendors say they don't support ESP (or
that they have two versions of IPsec, one domestic and one
exportable), than them claiming they support "a version of ESP that is
almost as secure as the standard says, and it's exportable!".  And
before you go off saying that this statement is (obviously) not true,
let me just remind you that truth and marketing are not necessarily
compatible terms.
Cheers,
-Angelos

PS. I still think ESP should stand for "Encrypting Security
Protocol"...we're IPsec after all, not "Internet Encapsulating
Protocol WG". But that's just me (and a few others :)

---

Follow-Ups:

• Re: ESP revisions straw poll
• From: Bill Sommerfeld <sommerfeld@apollo.hp.com>

References:

• Re: ESP revisions straw poll
• From: dpkemp@missi.ncsc.mil (David P. Kemp)

---

• Prev by Date: Re: ESP revisions straw poll
• Next by Date: Re: ESP revisions straw poll
• Prev by thread: Re: ESP revisions straw poll
• Next by thread: Re: ESP revisions straw poll
• Index(es):
  • Main
  • Thread