nanog mailing list archives
Re: AH is pretty useless and perhaps should be deprecated
From: Owen DeLong <owen () delong com>
Date: Fri, 13 Nov 2009 16:49:40 -0800
I've never seen anyone use AH vs. ESP. I've always used ESP and so has every other IPSEC implementation I've seen anyone do. Owen On Nov 13, 2009, at 4:22 PM, Jack Kohn wrote:
Hi, Interesting discussion on the utility of Authentication Header (AH) in IPSecME WG. http://www.ietf.org/mail-archive/web/ipsec/current/msg05026.html Post explaining that AH even though protecting the source and destination IP addresses is really not good enough. http://www.ietf.org/mail-archive/web/ipsec/current/msg05056.html What do folks feel? Do they see themselves using AH in the future? IMO, ESP and WESP are good enough and we dont need to support AH any more .. Jack
Current thread:
- AH is pretty useless and perhaps should be deprecated Jack Kohn (Nov 13)
- Re: AH is pretty useless and perhaps should be deprecated Owen DeLong (Nov 13)
- Re: AH is pretty useless and perhaps should be deprecated Jack Kohn (Nov 13)
- Re: AH is pretty useless and perhaps should be deprecated Luca Tosolini (Nov 13)
- Re: AH is pretty useless and perhaps should be deprecated Thomas Maufer (Nov 14)
- Re: AH is pretty useless and perhaps should be deprecated Joel Jaeggli (Nov 15)
- Re: AH is pretty useless and perhaps should be deprecated Bill Fehring (Nov 15)
- Re: AH is pretty useless and perhaps should be deprecated Joel Jaeggli (Nov 15)
- Re: AH is pretty useless and perhaps should be deprecated Jack Kohn (Nov 16)
- Re: AH is pretty useless and perhaps should be deprecated James Hess (Nov 16)
- Re: AH is pretty useless and perhaps should be deprecated Steven Bellovin (Nov 16)
- Re: AH is pretty useless and perhaps should be deprecated David Barak (Nov 16)
- Re: AH is pretty useless and perhaps should be deprecated Jack Kohn (Nov 13)
- Re: AH is pretty useless and perhaps should be deprecated Owen DeLong (Nov 13)