On Thu, Dec 6, 2018 at 9:10 PM Christopher Morrow <[email protected]> wrote:
> > > On Thu, Dec 6, 2018 at 5:41 PM Eric Rescorla <[email protected]> wrote: > >> >> routing area (key agility, a stronger algorithm than MD5). And of course >> TCP-AO doesn't attempt to provide privacy. Perhaps you can elaborate on >> what you're referring to here? >> >>> >>> > "TCP-AO is a lie, there is zero deployable code anywhere that supports it" > > was that the gist of his comment? > A rather more elaborated version of this it'd be the whole of mine... because honestly it's the truth. > Sure, but as I said, I don't think of TCP-AO as an example of crypto overreach. It's not something that security people tried to force on the routing people, but rather something that was designed to what we understood the requirements of the routing community. It's of course possible, perhaps even likely, that we got it wrong, but that's a very different thing. -Ekr
_______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
