> -----Original Message----- > From: Paul Wouters [mailto:p...@nohats.ca] > Sent: Monday, May 23, 2016 4:15 PM > To get past middleware boxes that tend to not touch "real" TLS traffic but > mangle anything else.
[HJ] so there is middle box that will only allow TLS traffic (and dropping all plain tcp traffic)? that sounds pretty extreme, but even in such case, nothing prevent such middle box to have a new rule to drop TLS encapsulated IPsec traffic if TLS level encryption is not used. _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec