On Jan 7, 2010, at 3:06 PM, Jack Kohn wrote:
o In a steady state, where we are using WESP only for ESP-NULL, what should a middle box do when it sees ESP traffic, besides hyperventilating and throwing up?
How would that information be used here? Do you want to specify middlebox behavior? In my experience in some environments network administrators would like to prevent encrypted traffic on the wire because they want to inspect packet contents. I'm trying to think of requirements for doing that other than providing the ability to flag the packet as encrypted or not (let's assume that the presence or absence of other encryption protocols is out-of-scope, since it is out-of-scope) and can't see anything obvious. Melinda _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
