[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Last Call: Security Architecture for the Internet Protocol to Proposed Standard
Robert Moskowitz wrote:
> Another strong argument for AH was export. The assumption is that AH will
> always be exportable. Getting an export license for an ESP implementation
> that only does NULL-ESP might be a little hard.
Neither AH nor NULL-ESP provide data confidentiality - why is the former protocol
less difficult to export than the latter?
> It might be interesting to have discussions at Chicago if AH should remain
> a MUST, but we need some field experience for that decision.
Question: if AH becomes non-MUST - does it mean that SA Bundles (both Transport
Adjacency and Iterative Tunneling) will also become non-MUST? This will result in
significant simplification of IPsec complient implementations.
Slava Kavsan
IRE
Follow-Ups:
References: