Hi John, RFC4301 states AH is optional. Is there a reason why we are making it a MUST be supported feature. Below quoting RFC4301:
"IPsec implementations MUST support ESP and MAY support AH." Thanks, Vishwas On Wed, Mar 5, 2008 at 11:46 AM, <[EMAIL PROTECTED]> wrote: > Hi all, > > The RFC 4294-bis draft has the following requirement, which comes from > the initial RFC. > > 8.1. Basic Architecture > > Security Architecture for the Internet Protocol [RFC-4301] MUST be > supported. > > 8.2. Security Protocols > > ESP [RFC-4303] MUST be supported. AH [RFC-4302] MUST be supported. > > We have had a lot of discussion that people basically feel that these > requirements > are not applicable and should be moved to SHOULD. I would say that > there is rough > WG Consensus on this. Do people feel if there should be additional text > to explain > this? > > I suggest that the WG Chairs and our ADs discuss this with the Security > ADs to ensure > that this is a reasonable consensus to adopt - so that we do not run > into issues > during the eventual IETF/IESG review. I am not sure that we can go much > further in > discussions in the WG. > > Does anyone have comments on this approach? > > John > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- > -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
