Sure. IETF can Tom
On Sun, Jan 4, 2026, 2:42 PM Eliot Lear <[email protected]> wrote: > The rtgarea is a good place to discuss this. Caution: writing a draft is > the easy part. Implementation is king. Those closest to the > implementations that use it will be the ones best able to judge whether the > approach should be deprecated. That's another way of saying, if they think > it ain't broke, it probably should not be fixed. Doing otherwise is likely > to incur MORE maintenance costs on top of fresh code. > Eliot, Sure. IETF can deprecate the protocol for new cases or make it a SHOULD NOT to use, but it's up to individual implementations determine the actions taken to best suit the needs of their users. Tom Eliot > On 04.01.2026 22:05, Robinson, Herbie wrote: > > The OSPF working group has disbanded. So, I suspect the responsibility > lands here. If work on this continues, someone needs to go through all of > the references that have been graciously posted and document the > alternative way to do it. Which will most likely be to use ESP with no > encryption. (that is allowed, now). > > A less painful approach would be to declare AH “frozen”. Frozen meaning > that > > o attempts to integrate it with new work are not required. > o Revising standards to fix existing problems is not a goal. > > And, of course, using ESP with null encryption is the alternative. > > ------------------------------ > *From:* Eliot Lear > > > My point was that we can't on the one hand tell people to use AH and then > on the other hand deprecate it. So before we do this, someone over in > OSPFland should update RFC 5340 with better advice. Same for any other > RFCs that play a similar IPSEC card. > > Eliot > > > -------------------------------------------------------------------- > IETF IPv6 working group mailing [email protected] > List Info: https://mailman3.ietf.org/mailman3/lists/[email protected]/ > -------------------------------------------------------------------- > > _______________________________________________ > Int-area mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ Int-area mailing list -- [email protected] To unsubscribe send an email to [email protected]
