On May 26, 2020, at 3:52 PM, Sander Steffann <san...@steffann.nl<mailto:san...@steffann.nl>> wrote:
Source and destination are in the same domain. Who says that the domain is contiguous? Let's change the example to main and branch offices. Same administrative domain, while still traversing the internet. This is an interesting point. You can protect it with AH to address security concerns about sending the CRH across the big-I Internet, too. I feel like it provides another illustration of the “look at the benefits you get if you work within an existing architecture instead of trying to invent a whole new one” case. You didn’t have to invent a whole new security architecture of your own — you fit into an existing architecture, and got to inherit its security properties. $0.02, —John
_______________________________________________ spring mailing list spring@ietf.org https://www.ietf.org/mailman/listinfo/spring
