[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Death to AH (was Re: SA identification)
On Fri, 23 Mar 2001, Ray Savarda wrote:
> To add another voice to the chorus - we would certainly like to see AH
> removed as a requirement. From our perspective it just adds complexity
> without adding much value, and at high speeds, life (IPSEC) is already
> complex enough!
A friend who recently got involved with ipsec has a paranoid idea that
IPSec is NSA's revenge/tradeoff for enabling strong cryptography. What is
the use of good algorithms if a protocol is so complex that it is almost
intractable to implement, analyse and apply?
Helger
PS This is not my personal opinion. :-)
Follow-Ups:
References: