Jim, Any idea what host stacks have IPsec implemented today? I'd like to do a bit of testing.
Regards, -Steve At 10:28 AM 10/23/2002 -0400, Bound, Jim wrote: >Read the IPsec arch spec and other specs. IPsec is a MUST according to us in the >IETF for ANY IPv6 implementation. > >As an implementor I would not implement any IPv6 incantation with IPv6 because I >believe to not implement all MUSTs in a spec is not wise. > >Now if at indusrtry implementation forums or bake-offs implementors find the spec >don't work they stop and come tell the IETF. For IPsec that is not the case it does >work. Clearly PKI to IKE interface is a problem for vendors as that usually requires >melding a 3rd party key mgmt infrastructure to your implementation. But that is not >the IETFs problem per se (though they do need to hear the technical issues). > >This does not mean an implementor cannot use alternative methods to secure devices >but to be compliant with the IETF IPsec architecture any implementation MUST do it. > >Users may or may not use our recommendations that is up to the market we have no >control over that in the market. I personally support them adopting IPv6 as one >critical method for securing IP layer communications. But it is not the only one >that they need. > >This is my view and you should get others views too. That is how I read the specs. > >regards, >/jim >-----Original Message----- >From: Mohammad Feroz [mailto:feroz@;tataelxsi.co.in] >Sent: Wednesday, October 23, 2002 6:38 AM >To: Bound, Jim; [EMAIL PROTECTED] >Subject: Re: IPSec Implementaion. > >Thank you for the clarification. I would even like to know whether IPSec is mandatory >to implement for Handheld devices. > >Thanks & Best Regards, >- Feroz >----- Original Message ----- >From: <mailto:Jim.Bound@;hp.com>Bound, Jim >To: <mailto:feroz@;tataelxsi.co.in>Mohammad Feroz ; ><mailto:ipng@;sunroof.eng.sun.com>[EMAIL PROTECTED] >Sent: Tuesday, October 22, 2002 7:51 AM >Subject: RE: IPSec Implementaion. > >IPsec is yes and the architecture. > >/jim >-----Original Message----- >From: Mohammad Feroz [mailto:feroz@;tataelxsi.co.in] >Sent: Monday, October 21, 2002 8:05 AM >To: <mailto:ipng@;sunroof.eng.sun.com>[EMAIL PROTECTED] >Subject: IPSec Implementaion. > >Hello ! > >Is it mandatory to implement Security Architecture for IPv6 for HOSTS? > >Thanks & Best Regards, >- Feroz > >********************************************************* >Mohammed Feroz, >Networking & Communication Group, >Design & Development Centre, >TATA Elxsi Limited, Bangalore >Phone: +91-80-8410222 >Fax: +91-80-8410219 >********************************************************* -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
