Mark Townsley <m...@townsley.net> wrote:
> My own experience attempting to use IPsec as an add-on security
> solution (a.k.a. "pixie dust) for a protocol isn't all that
> positive. We tried that with L2TP, and in the process failed to kill
> off PPTP on windows clients. I can't tell you how many times over the
> years I've had to point people to the Windows Registry setting to
> disable IPsec with L2TP. OSPFv3 is another one where I get complaints
> about requiring IPsec. So, I agree with Ted; We should be wary of
> falling into the trap of using IPsec just because it is there.That's a poor example for several reasons that have nothing to do with HNCP, and so I won't go into them here. (and I do have tons of L2TP code in the field, sadly) -- Michael Richardson <mcr+i...@sandelman.ca>, Sandelman Software Works -= IPv6 IoT consulting =-
pgpgaOXNHBHEk.pgp
Description: PGP signature
_______________________________________________ homenet mailing list homenet@ietf.org https://www.ietf.org/mailman/listinfo/homenet
