[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
guidelines for specifying the use of IPsec in other protocols
Folks in this group may be interested in draft-bellovin-useipsec-00.txt
Abstract
The Security Considerations sections of many Internet Drafts say,
in effect, "just use IPsec". While this is sometimes correct,
more often it will leave users without real, interoperable security
mechanisms. This memo offers some guidance on when IPsec should and
should not be specified.
Note that at this point, it is a personal draft, and doesn't represent
anyone's opinions but my own.
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com ("Firewalls" book)