AH is pretty useless and perhaps should be deprecated
joelja at bogus.com
Mon Nov 16 04:48:47 UTC 2009
Owen DeLong wrote:
> I've never seen anyone use AH vs. ESP.
> I've always used ESP and so has
> every other IPSEC implementation I've seen anyone do.
> On Nov 13, 2009, at 4:22 PM, Jack Kohn wrote:
>> Interesting discussion on the utility of Authentication Header (AH) in
>> IPSecME WG.
>> Post explaining that AH even though protecting the source and
>> destination IP addresses is really not good enough.
>> What do folks feel? Do they see themselves using AH in the future?
>> IMO, ESP and WESP are good enough and we dont need to support AH any
>> more ..
More information about the NANOG