Michael Richardson wrote:
>>>>>> "Masataka" == Masataka Ohta<[email protected]> writes:
> Masataka> My context is IPsec in the Internet, which excludes VPNs.
>
> Masataka> Do you know some major application over the Internet using
> Masataka> IPsec with transport mode?
>
> Why the restriction of *over*?
> Dozens of IETF specifications are not used *over* the Internet, but only
> over IP.

Because IPv6 and IPsec were designed for the Internet.

See, for example, RFC1825 saying:

    Widespread deployment and use of IP security will require an
    Internet-standard scalable key management protocol.

If it were possible to have a universal PKI over the Internet,
IPsec could have succeeded and IPv6 security myths could have
been real.

However, the reality is that there can be no such thing as
a universal PKI.

Note again that ICMPv6 messages were considered to be
authenticated by IPsec through the hypothetical universal PKI.

Masataka Ohta
_______________________________________________
Ietf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ietf