The OSPF working group has disbanded. So, I suspect the responsibility lands here. If work on this continues, someone needs to go through all of the references that have been graciously posted and document the alternative way to do it. Which will most likely be to use ESP with no encryption. (that is allowed, now).
A less painful approach would be to declare AH “frozen”. Frozen meaning that o attempts to integrate it with new work are not required. o Revising standards to fix existing problems is not a goal. And, of course, using ESP with null encryption is the alternative. ________________________________ From: Eliot Lear My point was that we can't on the one hand tell people to use AH and then on the other hand deprecate it. So before we do this, someone over in OSPFland should update RFC 5340 with better advice. Same for any other RFCs that play a similar IPSEC card. Eliot
_______________________________________________ Int-area mailing list -- [email protected] To unsubscribe send an email to [email protected]
