This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[ipv6-wg] RIPE-501 replacement document - IPsec question to community - we need your input.
- Previous message (by thread): [ipv6-wg] RIPE-501 replacement document - IPsec question to community - we need your input.
- Next message (by thread): [ipv6-wg] RIPE-501 replacement document - IPsec question to community - we need your input.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Eric Vyncke (evyncke)
evyncke at cisco.com
Fri Dec 23 17:30:40 CET 2011
Jan, Let's be realistic (and the best quality of RIPE-501++ is to be realistic and 'down to the ground'): very few IPv6-nodes do IPsec... So, let's remove this requirement and make it optional (RFC 6434 clearly shows the path). Going in holiday mode: do you use SSH or telnet+IPsec ? :-) In all friendship, Season's Greetings for all -éric > -----Original Message----- > From: ipv6-wg-bounces at ripe.net [mailto:ipv6-wg-bounces at ripe.net] On Behalf > Of Jan Zorz @ go6.si > Sent: vendredi 23 décembre 2011 09:45 > To: ipv6-wg at ripe.net > Subject: [ipv6-wg] RIPE-501 replacement document - IPsec question to > community - we need your input. > > Dear IPv6 community. > > (copy/paste from our internal discussion) > > The authors of RIPE-501 are finalizing the last comments from previous > last call and would like community input for what to do with IPsec. All > authors feel that IPsec should be a mandatory requirement for all > devices although due to technical limitations, for mobile devices it > will be optional. We are aware that RFC6434 made IPsec support a SHOULD > rather than a MUST. > > From RFC 2119: SHOULD This word, or the adjective "RECOMMENDED", mean > that there may exist valid reasons in particular circumstances to ignore > a particular item, but the full implications must be understood and > carefully weighed before choosing a different course. > > The change was largely due to limitations found in low power devices and > therefore we still feel the community is best served by requiring > mandatory IPsec support in all other devices (hosts, routers or layer-3 > switches, network security devices, load balancers) > > If we get this input from you this year, there is a great chance that we > could put out the new/final draft out for discussion and/or maybe > last-last-call before new year. > > For RIPE-501 authors group, Jan > > P.S: wishing happy new year, merry xmass, happiness, IPv6 and all that > stuff in at least next year :)
- Previous message (by thread): [ipv6-wg] RIPE-501 replacement document - IPsec question to community - we need your input.
- Next message (by thread): [ipv6-wg] RIPE-501 replacement document - IPsec question to community - we need your input.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ ipv6-wg Archives ]