16 Nov
2009
16 Nov
'09
1:17 a.m.
Bill Fehring wrote:
On Sun, Nov 15, 2009 at 20:48, Joel Jaeggli <joelja@bogus.com> wrote:
Owen DeLong wrote:
I've never seen anyone use AH vs. ESP. OSPFv3?
Maybe I'm asking a dumb question, but why would one prefer AH over ESP for OSPFv3?
Header protection... still doesn't provide replay protection, your mileage may vary http://tools.ietf.org/html/draft-ietf-opsec-routing-protocols-crypto-issues-...
RFC4552: "In order to provide authentication to OSPFv3, implementations MUST support ESP and MAY support AH."
-Bill