On 3/24/21 5:36 PM, Michael Thomas wrote:
IPsec certainly suffered this fate, though with filtering I'm not sure if it would have the right security properties for tunnel mode. Certainly had we used transport mode IPsec instead of SSL we wouldn't be coming back 25 years later worried about the TCP checksum.
IMO IPsec was DOA because it didn't actually consider the needs of applications.
Keith
