[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: bidding down attach on NAT-T
"jpickering@creeksidenet.com" <jpickering@creeksidenet.com> writes:
> Just a reminder that there are many non-VPN uses for IKE2, such as RPSec's
> interest to use IKE/IPSec to secure routing protocols. Such use does
> not require
> NAT.
Sure, but just because some uses don't require a feature does not
imply that it shouldn't be a "MUST." For example, VPNs don't use AH,
but AH is still a MUST. Similarly, if NAT-T is defined as "MUST
implement if you support ipv4", it does not imply that you have to
_USE_ NAT-T.
Just a reminder that "must implement" does not imply "must use."
> Regards,
> Jeff
-derek
--
Derek Atkins
Computer and Internet Security Consultant
derek@ihtfp.com www.ihtfp.com