[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Death to AH (was Re: SA identification)
On Fri, 23 Mar 2001, Francis Dupont wrote:
> In fact, I don't understand why you think that "death to AH!" means
> "IPsec is for VPN only"...
>
> => I don't know if you were in the mobile-ip room this morning but
> this was very clear (if you weren't I believe the slides will be
> available soon).
No, I wasn't there -- I'm still in Toronto. I'm skeptical of the assertion
that non-VPN applications are impossible without AH; our analysis, at least
for our particular applications, shows no such connection.
I would believe that people might think Mobile IP -- that is, one
*particular* non-VPN application -- is impossible without AH. (I think
they're probably wrong, but this more-specific claim is far more
plausible, and deserves careful attention.)
I would also believe that careless people might think that anything which
isn't Mobile IP is a VPN. That's wrong, but perhaps not obviously so.
> As no IPsec people did object to Jeff's written claims
> about what IPsec can/should use for, I assume they are right...
The question is, how many IPsec people were present?
Henry Spencer
henry@spsystems.net
Follow-Ups:
References: