Gabriel:
Some of us believe that allowing WESP to carry encrypted packets is within the charter (there's some recent messages today to this effect). Unfortunately, there's been wording along the lines that the working group realized it was going off-charter, but no such conclusion has been arrived at (and some of us don't share it).
I see the discussion, but so far, I am not convinced by it. I'm still listening ...
Additionally, allowing WESP to carry encrypted packets does not (at least in my mind) make it a general alternative for ESP. WESP has certain applicabilities, and when cooperating with intermediaries is not an issue (e.g., outside of organizational deployments) one could use encrypted ESP packets instead.
It is a replacement (as opposed to a wrapper) if the portions of the packet that are covered by the ICV are different.
Russ _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
