[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Death to AH? (was: Reasons for AH & ESP )

To: "Derrell D. Piper" <ddp@xxxxxxxxxxxxxx>, Paul Koning <pkoning@xxxxxxxxx>
Subject: Re: Death to AH? (was: Reasons for AH & ESP )
From: Robert Moskowitz <rgm-sec@xxxxxxxxxxxxxxx>
Date: Fri, 02 Jun 2000 16:05:43 -0400
Cc: ipsec@xxxxxxxxxxxxxxxxx
In-reply-to: <200006021959.MAA19564@gallium.network-alchemy.com>
References: <Your message of "Fri, 02 Jun 2000 15:12:46 EDT." <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

At 12:59 PM 6/2/2000 -0700, Derrell D. Piper wrote:

I fully support a IPSecond effort to clean up this and several other problems
in the overall architecture.  We now have three years of implementation and
operational experience with IPSec and IKE and this is one of the things that
should be cleaned up.  However, I still would not support this if this were
the sole reason we were to be contemplating opening up the RFC's...

I will bow to the chair, but I seem to recall that pruning is something that can be done and still progress to draft. So though removing AH might seem to be rather major surgery ( :), it might be acceptable to the IESG.

You mention several other problems. Perhaps you could start your own thread on them :)'

Gee I don't liek the way IKE doesn't really define approaches for lifetimes for the ISAKMP SA. Results in interop challenges......

Robert Moskowitz
ICSA
Security Interest EMail: rgm-sec@htt-consult.com

References:
- Re: Death to AH? (was: Reasons for AH & ESP )
  - From: Paul Koning

Prev by Date: Re: Death to AH? (was: Reasons for AH & ESP )
Next by Date: Re: Death to AH? (was: Reasons for AH & ESP )
Previous by thread: Re: Death to AH? (was: Reasons for AH & ESP )
Next by thread: Re: Interoperability (was: Death to AH?)
Index(es):
- Date
- Thread