-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Feb 26, 2008, at 5:24 AM, Manfredi, Albert E wrote: > One detail I'm not clear on is whether or why routers, which may > well be in non-secure spaces, are required to support ESP. I-D 4294- > bis doesn't elaborate - it just says "nodes" must. The question, at least in my mind, isn't whether they always have to use it, but whether sometimes it is appropriate to use. If it is sometimes appropriate, then it has to be implemented and supported whether or not it is configured. Operationally, I think that SSH/SSL is the mechanism most people use to secure network management, which raises a question as to the real need for IPsec in the router. That is a discussion that should be had with the operational community. -----BEGIN PGP SIGNATURE----- iD8DBQFHw5lbbjEdbHIsm0MRAvkQAJ9P5GadUuq6B2jw/bU7U7lZUcnPfwCgnQRk Kp3PRdrqjVfRP0vvhK8RVP0= =fVnR -----END PGP SIGNATURE----- -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: http://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------