[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Death to AH (was Re: SA identification)



On Fri, 23 Mar 2001, Ray Savarda wrote:

 > To add another voice to the chorus - we would certainly like to see AH
 > removed as a requirement. From our perspective it just adds complexity
 > without adding much value, and at high speeds, life (IPSEC) is already
 > complex enough!

A friend who recently got involved with ipsec has a paranoid idea that
IPSec is NSA's revenge/tradeoff for enabling strong cryptography. What is
the use of good algorithms if a protocol is so complex that it is almost
intractable to implement, analyse and apply?

Helger
PS This is not my personal opinion. :-)




Follow-Ups: References: