On Sat, 14 Nov 2009, Jack Kohn wrote:
Hi,
Interesting discussion on the utility of Authentication Header (AH) in
IPSecME WG.
http://www.ietf.org/mail-archive/web/ipsec/current/msg05026.html
Post explaining that AH even though protecting the source and
destination IP addresses is really not
On Nov 14, 2009, at 8:28 PM, David Barak wrote:
> I've seen AH used as a "prove that this hasn't been through a NAT" mechanism.
> In this context, it's pretty much perfect.
>
> However, what I don't understand is where the dislike for it originates: if
> you don't like it, don't run it. It i
I've seen AH used as a "prove that this hasn't been through a NAT"
mechanism. In this context, it's pretty much perfect.
However, what I don't understand is where the dislike for it originates: if you
don't like it, don't run it. It is useful in certain cases, and it's already
in all of the p
On Nov 14, 2009, at 2:46 PM, Adam Stasiniewicz wrote:
> I have see AH used in network segmentation. I.e. systems is group A are
> configured with rules to require all communication be over AH. Systems in
> group B (which have no AH and no appropriate certificates configured) can't
> chat with g
I have see AH used in network segmentation. I.e. systems is group A are
configured with rules to require all communication be over AH. Systems in
group B (which have no AH and no appropriate certificates configured) can't
chat with group A. The benefit of using AH vs. ESP in this case is twofold
I prefer letting the market deprecate things. If no one uses AH, someday the
IETF can mark it as "Historic," but long before that there will come a time
when no one is interested in doing any more work on it. I was at the IETF
IPsec WG meeting (in Los Angeles in the mid-90s) when AH would have died
Jim Mercer wrote:
can anyone point me at a Kaspersky tech with a clue? maybe we can re-craft
our login url to not offend the Kaspersky suite.
Forwarding.
Gadi.
--
Gadi Evron,
g...@linuxbox.org.
Blog: http://gevron.livejournal.com/
it seems that kaspersky anti-virus is "detecting" our hotspot captive portal
login as a "Trojan-Downloader.Script.Generic".
my googling on this seems to indicate that it isn't finding so much a
signature, but something in the url that is "suspicious".
unfortunately, this is causing some fairly u
8 matches
Mail list logo