>>>>> "Jari" == Jari Arkko <jari.arkko at piuha.net> writes:
Jari> Sam Hartman wrote:
>> Personally, I would prefer something IPsec-based to this
>> approach.
>>
>>
Jari> Ok. Has someone worked out the details of that? Is there a
Jari> draft that describes how IPsec is used for this purpose,
Jari> along with a discussion of how the SPD, SAD, PAD etc. are
Jari> set up? I have the personal experience that often you get
Jari> surprises when you try to do this... although BGP appears to
Jari> be a simple case, being run over TCP on a fixed port.
The issue in my mind is that the implementers and operators have said
they cannot use IPsec for non-protocol issues. The implementations
don't currently support using IPsec for control traffic. So, it may
well be a non-starter.
I want to see the problem solved far more than I want to see it solved
with IPsec. But if I were starting from a clean slate I would prefer
IPsec.
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.