[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Death to AH (was Re: SA identification)
On Fri, 23 Mar 2001, FUKUMOTO Atsushi wrote:
> > (Note, for example, IESG's recently-expressed doubts about
> > whether the authentication requirements of Binding Updates can really be
> > met using AH.)
>
> I have read it as a doubt to the use of IPSec in general, rather than
> AH alone... Was I wrong?
You are correct, but you've missed the implication: this is an alleged
"requirement for AH" which, on closer examination, cannot actually be
satisfied by AH (or ESP). So it's not a requirement for AH at all, and
cannot be used to justify keeping AH.
Henry Spencer
henry@spsystems.net
Follow-Ups:
References: