Re: Death to AH (was Re: SA identification)

[Henry Spencer <henry@spsystems.net>]

On Thu, 22 Mar 2001, Francis Dupont wrote:
>    When there was discussion about why AH at all, the only real reason that
>    I can recollect was that Mobile-IPv6 uses it to protect Binding Updates.
>    Well, guess what, AH doesn't really work for them either...
>    
> => Is this opinion "IPsec is for VPN only" the opinion of the majority
> of the IPsec WG? I know this yours, Jeff's and Henry's too...

It's certainly not the opinion of the FreeS/WAN project.  Our current
users mostly run VPNs, but our long-term objectives are elsewhere.  We
think AH is just as useless and undesirable for non-VPN applications as it
is for VPN applications.  In fact, I don't understand why you think that
"death to AH!" means "IPsec is for VPN only"; they seem to me like two
completely separate issues. 

                                                          Henry Spencer
                                                       henry@spsystems.net

---

Follow-Ups:

• Re: Death to AH (was Re: SA identification)
• From: Francis Dupont <Francis.Dupont@enst-bretagne.fr>
• Re: Death to AH (was Re: SA identification)
• From: Jun-ichiro itojun Hagino <itojun@iijlab.net>

References:

• Re: Death to AH (was Re: SA identification)
• From: Francis Dupont <Francis.Dupont@enst-bretagne.fr>

---

• Prev by Date: Re: Death to AH (was Re: SA identification)
• Next by Date: Re: Death to AH (was Re: SA identification)
• Prev by thread: Re: Death to AH (was Re: SA identification)
• Next by thread: Re: Death to AH (was Re: SA identification)
• Index(es):
  • Main
  • Thread