Folks,

Some questions.

o In a steady state, where we are using WESP only for ESP-NULL, what should a middle box do when it sees ESP traffic, besides hyperventilating and throwing up? Should it run heuristics (dang! no) or should it simply assume that the packet is encrypted and do whatever the local policy dictates it to do for all encrypted packets? I would guess that it'll be the latter, as most middle boxes will NOT run heuristics. Then going forward, should we recommend obsoleting the use of NULL cipher with ESP, as that's the easiest way to get folks off using ESP-NULL?

o Are we going to approach the other WGs to start using WESP wherever they propose to use ESP-NULL? Is that the plan?

Jack