-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>>>>> "bgreene" == bgreene <Barry> writes:
bgreene> It is worse. People ask me about doing IPSEC to protection
bgreene> routing protocols all the time. The irony is that you are
bgreene> better off NOT doing IPSEC to protect control plane
bgreene> protocols. The perceived risk you are protecting against
bgreene> (man in the middle snooping) eliminates all point
bgreene> protection to the control plane protocol. The multiple
I'm not sure I understand the words "point protection"
I think that you are assuming that if you do IPsec on control
plane packets, that the work has to be performed by the routing plane.
I'm asking for clarification here.
- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
"The Microsoft _Get the Facts CD_ does not work on Linux." - orospakr
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Finger me for keys
iQEVAwUBRFgQp4CLcPvd0N1lAQKpPwgAouSB/bFPlZBpE9SoQuuWO8VwRe+EXU8j
XkOaWM98pecikFUTrWg0T4ai336PpSeWD+IqHH98yBNmSDsFQdkt2olywIa1+ThW
ZUylPh2GY41qPWhUNTiFmLBZd4tPZu4nMCbkwO3Lrv6IG8QQ4tRc1jUnYcH3q7BK
Cb/K/MJobrySCcoO93vG1+RDDhFzqWAfge3Y2CVBUq2PCYgnjbf9jPQosB+N1YaT
g8w10y4U60JHBT4/2itiXX+CPyCS28HSHHxfuTpNz+HMjeIoadiXu2Jg77bpppiS
7dpXgqNt0TDP/WbPKYNq/G2XK5CGZ6Fje/jr8Ei+jv63SFdkrOUoog==
=oi0x
-----END PGP SIGNATURE-----
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.