Bill Fehring wrote: > On Sun, Nov 15, 2009 at 20:48, Joel Jaeggli <joe...@bogus.com> wrote: >> Owen DeLong wrote: >>> I've never seen anyone use AH vs. ESP. >> OSPFv3? > > Maybe I'm asking a dumb question, but why would one prefer AH over ESP > for OSPFv3?
Header protection... still doesn't provide replay protection, your mileage may vary http://tools.ietf.org/html/draft-ietf-opsec-routing-protocols-crypto-issues-02 > RFC4552: > "In order to provide authentication to OSPFv3, implementations MUST > support ESP and MAY support AH." > > -Bill >
