On 2010-07-25 05:42, Laganier, Julien wrote:
...
> So if we could come up with processing power and memory values under which a
> device is considered constrained (e.g., less than 50MHz and 8MB memory) and
> IPsec downgrades from a MUST to a SHOULD it seems to me we'd have cleared the
> way.
That is truly an engineering decision for a given implementor.
I can't imagine any values we could choose today that would still
be valid twenty years from now; and we need to think of this RFC
still (perhaps) being used in twenty years.
It's very clear from the IPv4 market, where IPsec/IKE(v2) have
exactly the same value from a security view, that the industry
sees this as a SHOULD requirement. Apart from a vain attempt to
validate the myth that IPv6 is in some way more secure than IPv4,
I can't see any advantage in deviating from a straightforward
RFC 2119 SHOULD. Vendors will do what they will do.
Brian
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
