>> I know there are those here who believe that IPsec is the wrong >> strategy for application security. For these protocols, that ship >> has sailed: we have approved proposed standards that use IPsec. >> This predates my involvement in the IESG. Now we must provide >> usable security based on these existing decisions. Now first, I want to be clear that I have no opinion on whether IPsec actually *is* a wrong strategy for application security; I do not know enough to consider myself competent to hold an opinion on that. But it does seem to me that there *always* needs to be a mechanism for backing out of past mistakes, if they prove to be mistakes - and this appears to be saying that there is none here. Surely *that* needs to be fixed first? Or am I wrong, and the IETF considers itself unable to rectify past mistakes? /~\ The ASCII der Mouse \ / Ribbon Campaign X Against HTML mouse at rodents.montreal.qc.ca / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.