This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[ipv6-wg] RIPE-501 replacement document - IPsec question tocommunity - we need your input.
- Previous message (by thread): [ipv6-wg] RIPE-501 replacement document - IPsec question tocommunity - we need your input.
- Next message (by thread): [ipv6-wg] RIPE-501 replacement document - IPsec question tocommunity - we need your input.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Leo Vegoda
leo.vegoda at icann.org
Tue Dec 27 17:44:42 CET 2011
Hi, On Dec 27, 2011, at 8:08 am, Merike Kaeo wrote: > On Dec 27, 2011, at 7:43 AM, Eric Vyncke (evyncke) wrote: > >> I think that we should keep IPsec/IKEv2 only for firewall and mention to any place where OSPFv3 is mentioned that the support of AH is required. > > Is there an RFC that now states that IPsec AH for OSPFv3 is a 'MUST' or 'SHOULD' and not a 'MAY'? Last I recall the specifics for how to implement IPsec for OSPFv3 are in RFC4552 and states that ESP is a 'MUST' and AH is a 'MAY'. There is an unverified errata report that reverses those key words: http://www.rfc-editor.org/errata_search.php?rfc=4552 It'll be interesting to see if its status is ever changed to verified. Regards, Leo
- Previous message (by thread): [ipv6-wg] RIPE-501 replacement document - IPsec question tocommunity - we need your input.
- Next message (by thread): [ipv6-wg] RIPE-501 replacement document - IPsec question tocommunity - we need your input.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ ipv6-wg Archives ]