Re: US DoD and IPv6

Brian E Carpenter wrote:

What was always pointed out is that IPv6 use of IPsec doesn't have to
deal with NAT traversal, which was an issue for IPv4 use of IPsec,


It should be noted that IPsec, including AH, works transparently
over port restricted IP, including end to end NAT, if a 4B SPI
is used as a 2B source and a 2B destination port numbers.

until RFC 3948 came along in 2005. Since then, even the weak form of
the "more secure" myth has been indefensible.


IP over TCP is a more robust kludge for legacy NAT.

                                                Masataka Ohta
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf

<Prev in Thread]	Current Thread	[Next in Thread>
Re: US DoD and IPv6, (continued) Re: US DoD and IPv6, Keith Moore Re: US DoD and IPv6, Dave Cridland Re: US DoD and IPv6, Masataka Ohta Re: US DoD and IPv6, Masataka Ohta Re: US DoD and IPv6, Noel Chiappa Re: US DoD and IPv6, Masataka Ohta Re: US DoD and IPv6, Dave CROCKER Re: US DoD and IPv6, Phillip Hallam-Baker Re: US DoD and IPv6, Brian E Carpenter Re: US DoD and IPv6, Dave CROCKER Re: US DoD and IPv6, Masataka Ohta <= Re: US DoD and IPv6, Phillip Hallam-Baker

Previous by Date:	Re: US DoD and IPv6, Masataka Ohta
Next by Date:	Re: US DoD and IPv6, Phillip Hallam-Baker
Previous by Thread:	Re: US DoD and IPv6, Dave CROCKER
Next by Thread:	Re: US DoD and IPv6, Phillip Hallam-Baker
Indexes:	[Date] [Thread] [Top] [All Lists]