Hi,

From an operational perspective, if we are supporting both v4 and v6 (and we will), then having different protocols ESP and AH is and will be a nightmare. Common denominator is ESP-Null. However, there were issues with ESP-Null as it couldn't be deep inspected, which has now been solved with WESP.

In short, the argument that "Oh, but we can inspect AH packets" is not relevant anymore. Given this, should we still have AH as a MAY for IPSEC? Can't we deprecate it? WESP is ESP++, and it offers everything that ESP offers plus more. What is our stance for ESP moving forward? Also, I see that a lot of work done in other WGs is still using ESP (primarily for data integrity). Shouldn’t they be moving to WESP, as WESP offers more flexibility?

Jack
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec