
Re: Death to AH? (was: Reasons for AH & ESP )




    Bob> From: Robert Moskowitz [mailto:rgm-sec@htt-consult.com]

    Bob> I am all for a rough consensus that will change the IPsec/IKE standards to
    Bob> list AH as a Historical protocol that should not be implemented anymore.

  I concur that the value of AH is dubious at present. But the present
consists of people deploying VPNs.

  I believe that the value of AH has yet to appear. The simplest value of it
over ESP-NULL is that one knows that the packet isn't encrypted, and
therefore it can be audited. I am therefore strongly opposed to it moving to
historical status.

  I believe that having it as MAY is reasonable for IPv4.

  I believe that the decision as to MAY/SHOULD/MUST for IPv6 should be left to ipngwg.

   :!mcr!:            |  Solidum Systems Corporation, http://www.solidum.com
   Michael Richardson |For a better connected world,where data flows faster<tm>
 Personal: http://www.sandelman.ottawa.on.ca/People/Michael_Richardson/Bio.html
	mailto:mcr@sandelman.ottawa.on.ca	mailto:mcr@solidum.com
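
The auditing argument above, as an added example (not part of the original message and not taken from any IPsec implementation): a keyless observer parses an AH packet and reads the inner TCP port, but gets the same "unknown" answer for ESP-NULL and encrypted ESP. The sample packets, SPIs, zeroed ICVs and the XOR stand-in for ciphertext are constructed for illustration.

```python
import struct

ESP, AH, TCP = 50, 51, 6   # IP protocol numbers

def ipv4(proto, payload):
    # Minimal IPv4 header (checksum left at zero); documentation-range addresses.
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + payload

def audit(packet):
    """What an observer without the SA keys can establish about one IPv4 packet."""
    ihl = (packet[0] & 0x0F) * 4
    proto, body = packet[9], packet[ihl:]
    if proto == AH:
        # AH: Next Header(1) Payload Len(1) Reserved(2) SPI(4) Sequence(4) ICV(variable)
        next_hdr, plen, _, spi, _seq = struct.unpack("!BBHII", body[:12])
        inner = body[(plen + 2) * 4:]      # Payload Len is in 32-bit words, minus 2
        return {"ipsec": "AH", "spi": spi, "cleartext": True,
                "inner_proto": next_hdr, "inner": inner}
    if proto == ESP:
        # ESP: SPI(4) Sequence(4), then bytes whose meaning depends on the SA.
        # Nothing in the header says whether the NULL cipher is in use.
        spi, _seq = struct.unpack("!II", body[:8])
        return {"ipsec": "ESP", "spi": spi, "cleartext": None,
                "inner_proto": None, "inner": None}
    return {"ipsec": None, "spi": None, "cleartext": True,
            "inner_proto": proto, "inner": body}

def tcp_dst_port(result):
    # Only readable when the inner packet is known to be cleartext TCP.
    if result["cleartext"] and result["inner_proto"] == TCP:
        return struct.unpack("!H", result["inner"][2:4])[0]
    return None

# Constructed sample traffic: one TCP segment to port 80, wrapped three ways.
SEGMENT = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 0x50, 0x18, 8192, 0, 0) \
          + b"GET / HTTP/1.0\r\n\r\n"
ICV = bytes(12)                                   # placeholder 96-bit ICV
AH_PKT = ipv4(AH, struct.pack("!BBHII", TCP, 4, 0, 0x1001, 1) + ICV + SEGMENT)
ESP_NULL_PKT = ipv4(ESP, struct.pack("!II", 0x2001, 1) + SEGMENT
                    + bytes([0, TCP]) + ICV)      # pad length 0, next header TCP
ESP_ENC_PKT = ipv4(ESP, struct.pack("!II", 0x2002, 1)   # XOR is stand-in ciphertext
                   + bytes(b ^ 0x5A for b in SEGMENT + bytes([0, TCP])) + ICV)

if __name__ == "__main__":
    for name, pkt in [("AH", AH_PKT), ("ESP-NULL", ESP_NULL_PKT), ("ESP", ESP_ENC_PKT)]:
        r = audit(pkt)
        print(name, r["ipsec"], r["cleartext"], tcp_dst_port(r))
```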
