On Sun, 5 Jan 2025, Michael Richardson wrote:
Do we want to cycle things separately? I think that ultimately, we won't. New features that go into ESP need to be negotiated with IKEv2, so I'd put them all into STD79.
Fair point.
Generally, we'd need new documents if there are significant features which have NEVER been useful/implemented, and we should drop them first. (I think that all of AH might fall into that, sadly)
I have tried to kill AH a number of times and failed. I don't think we can strip it out of 430x documents, sadly. I think with IPsec being deployed throughout internal non-internet connected structures, we couldn't really evaluate its deployment well anyway. But perhaps any new variants (like the EESP we are talking about now) could try harder to not specify AH variants. Paul _______________________________________________ IPsec mailing list -- ipsec@ietf.org To unsubscribe send an email to ipsec-le...@ietf.org
