> -----Original Message----- > From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On
> Thus, it is my recommendation that the next version of the node > requirements document make support for IPsec and IKE both SHOULDs > only, with a lot more explanatory text that makes it clear that there > are some types of devices where IPsec is not necessarily the best > choice. > > Thoughts? YES! I think this has become a big obstacle to deploying IPv6. I realise that a lot of the early hype about IPv6 implied it was inherently secure, but hype is hype. A high level of security is not achieved by magic. Having to mess with certificates and key exchange is no easier in IPv6 than it is in IPv4! Bert -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------