The Problem Several references disclose vulnerabilities but are largely ignored Some popular clients don’t implement IPSEC per RFC3579 Impact of compromised secret is serious Compromised authentication, decryption of link-layer encryption mechanisms Loss of keys == Loss of certificates |