Hi Acee, The reason IPsec mandates ESP as for most part ESP is a superset of AH and the aim is to somehow not have 2 ways to do things when they can be done with just one protocol.
Thanks, Vishwas On Wed, Nov 3, 2010 at 8:50 AM, Acee Lindem <[email protected]> wrote: > Hi Vishwas, > Do you recall the reason for making ESP mandatory and AH optional for OSPFv3 > IPsec? > Thanks, > Acee > On Nov 2, 2010, at 8:05 PM, Vishwas Manral wrote: > >> Hi, >> >> This errata is wrong. ESP provides authentication as well as >> confidentiality, have a look at RFC 4301. >> >> Thanks, >> Vishwas >> >> On Tue, Nov 2, 2010 at 8:53 AM, RFC Errata System >> <[email protected]> wrote: >>> >>> The following errata report has been submitted for RFC4552, >>> "Authentication/Confidentiality for OSPFv3". >>> >>> -------------------------------------- >>> You may review the report below and at: >>> http://www.rfc-editor.org/errata_search.php?rfc=4552&eid=2599 >>> >>> -------------------------------------- >>> Type: Technical >>> Reported by: John W. O'Brien <[email protected]> >>> >>> Section: 3 >>> >>> Original Text >>> ------------- >>> In order to provide authentication to OSPFv3, implementations MUST support >>> ESP and MAY support AH. >>> >>> >>> Corrected Text >>> -------------- >>> In order to provide authentication to OSPFv3, implementations MUST support >>> AH and MAY support ESP. >>> >>> Notes >>> ----- >>> Authentication can be provided by an implementation that supports AH only. >>> >>> Instructions: >>> ------------- >>> This errata is currently posted as "Reported". If necessary, please >>> use "Reply All" to discuss whether it should be verified or >>> rejected. When a decision is reached, the verifying party (IESG) >>> can log in to change the status and edit the report, if necessary. >>> >>> -------------------------------------- >>> RFC4552 (draft-ietf-ospf-ospfv3-auth-08) >>> -------------------------------------- >>> Title : Authentication/Confidentiality for OSPFv3 >>> Publication Date : June 2006 >>> Author(s) : M. Gupta, N. Melam >>> Category : PROPOSED STANDARD >>> Source : Open Shortest Path First IGP >>> Area : Routing >>> Stream : IETF >>> Verifying Party : IESG >>> _______________________________________________ >>> OSPF mailing list >>> [email protected] >>> https://www.ietf.org/mailman/listinfo/ospf >>> >> _______________________________________________ >> OSPF mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/ospf > > _______________________________________________ OSPF mailing list [email protected] https://www.ietf.org/mailman/listinfo/ospf
