Hi. I’d like to address the second comment.
> On 15 Mar 2017, at 3:33, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote: <snip/> > - ENCR_NULL IMO ought be MUST NOT - did the WG discuss > that explicitly? If so, can you provide a pointer to the > archive? If not, does it still have to be a MUST? I do > wonder who wants to use AH via NAT but cannot, which seems > to be the justification. This was raised at some meeting, and it was claimed that people are using it. This includes other standards bodies like IEEE 1588. Although I don’t think IEEE 1588 is ever used over NAT, we need ENCR_NULL if we are to pull AH out of implementations (and implementations have been removing AH for years. It’s practically deprecated) Yoav
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
