[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Death to AH? (was: Reasons for AH & ESP )
At 12:59 PM 6/2/2000 -0700, Derrell D. Piper wrote:
>I fully support a IPSecond effort to clean up this and several other problems
>in the overall architecture. We now have three years of implementation and
>operational experience with IPSec and IKE and this is one of the things that
>should be cleaned up. However, I still would not support this if this were
>the sole reason we were to be contemplating opening up the RFC's...
I will bow to the chair, but I seem to recall that pruning is something
that can be done and still progress to draft. So though removing AH might
seem to be rather major surgery ( :), it might be acceptable to the IESG.
You mention several other problems. Perhaps you could start your own
thread on them :)'
Gee I don't liek the way IKE doesn't really define approaches for lifetimes
for the ISAKMP SA. Results in interop challenges......
Robert Moskowitz
ICSA
Security Interest EMail: rgm-sec@htt-consult.com