Michael Richardson wrote:
"Masataka" == Masataka
Ohta<mohta(_at_)necom830(_dot_)hpcl(_dot_)titech(_dot_)ac(_dot_)jp>
writes:
Masataka> My context is IPsec in the Internet, which excludes VPNs.
Masataka> Do you know some major application over the Internet using
Masataka> IPsec with transport mode?
Why the restriction of *over*?
Dozens of IETF specifications are not used *over* the Internet, but only
over IP.
Because IPv6 and IPsec were designed for the Internet.
See, for example, RFC1825 saying:
Widespread deployment and use of IP security will require an
Internet-standard scalable key management protocol.
If it were possible to have a universal PKI over the Internet,
IPsec could have succeeded and IPv6 security myths could have
been real.
However, the reality is that there can be no such thing as
a universal PKI.
Note again that ICMPv6 messages were considered to be
authenticated by IPsec through the hypothetical universal PKI.
Masataka Ohta
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf