Re: Last Call: Security Architecture for the Internet Protocol to

["Scott G. Kelly" <skelly@redcreek.com>]

Peter Ford wrote:
> 
> IPSEC as currently spec'd is HUUUUUUGGGGGGGEEEEEEEEEEEEEEEEE.

IPSEC as currently spec'd is SSSSEEEECCCCUUURRRREEE.

> 
> The amount of MUSTs in the current IPSEC Architecture document is
> unnecessary (and I paraphrase here): host implementations MUST have certain
> mgmt interfaces, manual keying is a MUST, etc., etc.
> 

The amount of MUSTs in the current spec are necessary if you want your
network to be SSSSEEEECCCCUUURRRREEE.

> Of course, if the bulk of the people who are building this stuff remain
> silent and on the sidelines the powerful process of inertia will take over
> and yet another ITU^H^HETF standard will be on its way out the chute.  Folks
> will elect to build the subset they need and deprecate the meaning of "IPSEC
> standards based".  This is particular disconcerting given the coupling of
> IPSEC to IPv6.

I think what you mean to say is that if the bulk of us mind our own
business the powerful process of microsoft will take over and yet
another IETF standard will be ignored by microsoft.

---

Follow-Ups:

• Re: Last Call: Security Architecture for the Internet Protocol to
• From: Robert Moskowitz <rgm-sec@htt-consult.com>

References:

• RE: Last Call: Security Architecture for the Internet Protocol to
• From: Peter Ford <peterf@microsoft.com>

---

• Prev by Date: Re: updated draft-ietf-ipsec-ciph-cbc-03.txt
• Next by Date: Draft agenda for IPSEC working group meeting in LA
• Next by thread: Do we need ?
• Index(es):
  • Main
  • Thread