[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Fwd: Deprecation of AH header from the IPSEC tool kit]
> > IPSEC+AH would seem to be a good choice for all control traffic exchange
> > between routers. If this exchange is confidential, the ESP could be used as
> > well.
>
> RIPV2 is multicast, and AFAIK IPSEC hasn't addressed keying of multicast
> sessions.
The tools are there for people to build multicast key management protocols
for IPsec. An IPsec implementation should be able to handle manually-added
multicast SAs already. Layering one's experimental multicast KM
implementation on top shouldn't be difficult, modulo the actual hard work of
building a multicast KM protocol.
Dan
References: