In your previous mail you wrote: While I wouldn't go quite that far, I've been saying for years that the IP header doesn't need any authentication if we have IPsec. => this is not true for IPv6 extension headers or IPv4 options. ... in a note explaining why I thought AH was useless => you can argue this for IPv4, not for IPv6 where extension headers are really used. Many times some of us tried to remove AH, many times we vote to keep it: this topics should be in the "oh not this again" list of IETF and IPsec mailing lists. Regards [EMAIL PROTECTED] PS: "NATs are evil" should be in too (:-)!
- Re: NATs *ARE* evil! Donald E. Eastlake 3rd
- Re: naming RJ Atkinson
- Re: NATs *ARE* evil! Matt Crawford
- Re: NATs *ARE* evil! Valdis . Kletnieks
- Re: NATs *ARE* evil! Donald E. Eastlake 3rd
- Re: NATs *ARE* evil! J. Noel Chiappa
- Re: NATs *ARE* evil! Theodore Y. Ts'o
- Re: NATs *ARE* evil! Bill Sommerfeld
- Re: NATs *ARE* evil! Theodore Y. Ts'o
- Re: NATs *ARE* evil! Steven M. Bellovin
- Re: NATs *ARE* evil! Francis Dupont
- Re: NATs *ARE* evil! Ken Raeburn
- Re: NATs *ARE* evil! Theodore Y. Ts'o
- Re: NATs *ARE* evil! Keith Moore
- Re: NATs *ARE* evil! Sean Doran
- Re: NATs *ARE* evil! V Guruprasad
- Re: NATs *ARE* evil! Theodore Y. Ts'o
- Re: NATs *ARE* evil! V Guruprasad
- Re: NATs *ARE* evil! V Guruprasad
- Re: NATs *ARE* evil! Mike Fisk
- Re: NATs *ARE* evil! Steven M. Bellovin
