On Apr 2, 2011, at 10:54 AM, Stephen Kent wrote:
> At 6:32 AM -0700 4/1/11, John Scudder wrote:
>> On Apr 1, 2011, at 1:22 PM, Randy Bush wrote:
>>> i propose that i rev the doc to say
>>>   o the transport must provide authentication and integrity
>>>   o the current ssh description is an example
>>>   o other transport meeting the authentication and integrity constraints
>>>     are welcome
>>>
>>> of course, this will leave open the mandatory-to-implement LCD issue.
>>> sigh.
>>
>> I think we shouldn't punt on a mandatory transport. I suggest TCP-MD5 for
>> practical reasons, including the open source support issue Chris raised.
>>
>> --John
>
> I expect TCP-MD5 to be deprecated (soon?), since we have already deprecated
> MD5. I don't think the IESG would approve of a reference to that RFC.

Well it was worth a try. I think the next-best option is TCP-AO.

--John
