Sorry, that was a cut & paste mistake. AH is a MAY. John
>-----Original Message----- >From: ext Vishwas Manral [mailto:[EMAIL PROTECTED] >Sent: 05 March, 2008 12:12 >To: Loughney John (Nokia-OCTO/PaloAlto) >Cc: ipv6@ietf.org >Subject: Re: Security Requirements for IPv6 Node Req summary > >Hi John, > >RFC4301 states AH is optional. Is there a reason why we are >making it a MUST be supported feature. Below quoting RFC4301: > >"IPsec implementations MUST support ESP and MAY > support AH." > >Thanks, >Vishwas > >On Wed, Mar 5, 2008 at 11:46 AM, <[EMAIL PROTECTED]> wrote: >> Hi all, >> >> The RFC 4294-bis draft has the following requirement, which comes >> from the initial RFC. >> >> 8.1. Basic Architecture >> >> Security Architecture for the Internet Protocol [RFC-4301] MUST be >> supported. >> >> 8.2. Security Protocols >> >> ESP [RFC-4303] MUST be supported. AH [RFC-4302] MUST be >supported. >> >> We have had a lot of discussion that people basically feel >that these >> requirements are not applicable and should be moved to SHOULD. I >> would say that there is rough WG Consensus on this. Do >people feel >> if there should be additional text to explain this? >> >> I suggest that the WG Chairs and our ADs discuss this with the >> Security ADs to ensure that this is a reasonable consensus >to adopt >> - so that we do not run into issues during the eventual IETF/IESG >> review. I am not sure that we can go much further in >discussions in >> the WG. >> >> Does anyone have comments on this approach? >> >> John >> >> -------------------------------------------------------------------- >> IETF IPv6 working group mailing list >> ipv6@ietf.org >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 >> -------------------------------------------------------------------- >> > -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------