
Re: [Full-disclosure] IPv6 security myths

2010-10-31 10:54:31

On Oct 31, 2010, at 12:00 AM, Masataka Ohta wrote:

> TJ wrote:
>> I would be quite curious to know your definition of failure, given that
>> IPsec is currently deployed, and working in "more than a few" deployments
>> ...
>
> Sorry for lack of clarification.
> My context is IPsec in the Internet, which excludes VPNs.

That's a strange exclusion, considering VPNs have been the primary use-case for 
IPsec over the Internet.


> Do you know some major application over the Internet using IPsec
> with transport mode?

Yes: SIP.  SIP/UDP over IPsec in transport mode on the Internet is not 
uncommon.  Arguably more common than SIP over TLS, anyway... though that's 
expected to change. (and of course SIP over IPsec or TLS are both noise 
compared with plain SIP over UDP)

Also, Femtocells running various protocols typically use IPsec over the 
Internet, though in tunnel mode I believe - but one wouldn't think of it as 
being a "VPN" in the traditional sense.

Oh, and I believe storage/SAN (FCIP, iFCP, iSCSI) use IPsec over the Internet; 
or at least the IPsec chip vendors seem to focus on those markets a lot.  
Though again in tunnel mode I think, but not a classic "VPN" use.

The Internet is big and diverse - not everything is HTTP and DNS. ;)

-hadriel

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf