[119342] in North American Network Operators' Group
Re: AH is pretty useless and perhaps should be deprecated
daemon@ATHENA.MIT.EDU (Bill Fehring)
Mon Nov 16 00:31:09 2009
In-Reply-To: <4B00D9AF.8020202@bogus.com>
Date: Sun, 15 Nov 2009 21:29:58 -0800
From: Bill Fehring <lists@billfehring.com>
To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sun, Nov 15, 2009 at 20:48, Joel Jaeggli <joelja@bogus.com> wrote:
> Owen DeLong wrote:
>> I've never seen anyone use AH vs. ESP.
>
> OSPFv3?
Maybe I'm asking a dumb question, but why would one prefer AH over ESP
for OSPFv3?
RFC4552:
"In order to provide authentication to OSPFv3, implementations MUST
support ESP and MAY support AH."
-Bill
