AH is pretty useless and perhaps should be deprecated
Mohacsi Janos
mohacsi at niif.hu
Sun Nov 15 06:58:24 UTC 2009
On Sat, 14 Nov 2009, Jack Kohn wrote:
> Hi,
>
> Interesting discussion on the utility of Authentication Header (AH) in
> IPSecME WG.
>
> http://www.ietf.org/mail-archive/web/ipsec/current/msg05026.html
>
> Post explaining that AH even though protecting the source and
> destination IP addresses is really not good enough.
>
> http://www.ietf.org/mail-archive/web/ipsec/current/msg05056.html
>
> What do folks feel? Do they see themselves using AH in the future?
> IMO, ESP and WESP are good enough and we dont need to support AH any
> more ..
They are planning to make OSPFv3 IPSec authentication useless?
Best Regards,
Janos Mohacsi
More information about the NANOG
mailing list