John, If this is a "use" draft you can't say must anything without "use" in the sentence.
/jim > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, March 05, 2002 2:30 AM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; > [EMAIL PROTECTED]; [EMAIL PROTECTED]; > [EMAIL PROTECTED] > Subject: RE: Should IP Security be Optional? > > > Hi all, > > > I do agree that the ESP and AH are really > > simple and easy compared to the rest. Unfortunately, > > this isn't going to be quite as easy as that. > > > > As we point out in section 3.8 the current > > cellular networks sometimes have dynamic IP > > address changes, and therefore manually keyed IPsec > > isn't going to work as such and key management is > > needed. While there might be multiple options > > here, interoperability is a concern and hence > > I feel that we must have a mandated key management > > scheme. In the cellular host requirements draft, we > > have chosen to say that IKE is a MUST in those > > cases where we mandate IPsec. Do you disagree? > > > > (In a way you could say that the cellular draft goes > > *beyond* what the current IETF MUSTs are, given > > that we mandate a full security solution in all cases, > > though at the same time we don't mandate the current > > requirement of AH and ESP in all cases.) > > > > Anyway, this is just *our* proposal on what we think > > would make sense. But the document is controlled by the > > WG; please state your proposed security MUSTs for > > IPv6 hosts, cellular or otherwise. Mike, what would you > > like to have there, for instance? > > Just to add onto Jari - it would be a no-brainer to > state that IPsec (AH & ESP) MUST be supported, > IKE MAY/SHOULD be supported. However, does this > give users anything? Will it increase security for > these devices, or is it just something that will make > folks happy? The authors prefer to have a reasonable > discussion on security within the draft. Knowledge of > the field of Internet Security has increased since > some of the initial IPv6 documents were published ... > > thanks, > John > -------------------------------------------------------------------- > IETF IPng Working Group Mailing List > IPng Home Page: http://playground.sun.com/ipng > FTP archive: ftp://playground.sun.com/pub/ipng > Direct all administrative requests to [EMAIL PROTECTED] > -------------------------------------------------------------------- > -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
