[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Death to AH (was Re: SA identification)



Michael,

RFC 2401 states that compliant implementations MUST support AH in 
several places. This language is present because the WG strongly 
endorsed it. Fejj Schiller took a straw poll after Peter Ford (MS) 
put forth a proposal that AH become optional at an IETF meeting.  So, 
any vendor that wants to claim compliance with 2401 must support AH. 
As you suggest, that can be changed if the WG sentiment has changed, 
but I am surprised by the form of your question. It seemed to suggest 
that a desire to claim compliance with the IETF standard for the 
IPsec architecture was not sufficient motivation, whereas compliance 
with industry test programs that are not aligned with IETF standards 
was a good motivation. if you really feel this way, perhaps you 
should focus more on contributing to ICSA and related efforts, vs. 
the IPsec WG :-).

Steve


Follow-Ups: References: