I would be quite curious to know your definition of failure, given that IPsec is currently deployed, and working in "more than a few" deployments ...
On a possibly related note, IPv6 use deployed and working too ...
/TJ
On Oct 27, 2010 12:08 PM, "Masataka Ohta" <mohta@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> Steven Bellovin wrote:
>
>> The core issue was indeed that IPsec was mandated for v6. We
>> were *very* overoptimistic about how long it would take before
>> roll-out started in earnest. In fact, we underestimated how
>> long it would take to get good specs for all the important
>> pieces. We also underestimated how long IPsec would take,
>> though that was partially (but only partially) because IPsec
>> version 1 (RFCs 1825-1829) had to be thrown away.
>
> Quite simply, it is merely that IPsec had totally failed long
> before IPv6 totally failed.
>
> FYI, total failure of IPsec is not the only reason of total
> failure of IPv6.
>
> Masataka Ohta
> _______________________________________________
> Ietf mailing list
> Ietf@xxxxxxxx
> https://www.ietf.org/mailman/listinfo/ietf
> Steven Bellovin wrote:
>
>> The core issue was indeed that IPsec was mandated for v6. We
>> were *very* overoptimistic about how long it would take before
>> roll-out started in earnest. In fact, we underestimated how
>> long it would take to get good specs for all the important
>> pieces. We also underestimated how long IPsec would take,
>> though that was partially (but only partially) because IPsec
>> version 1 (RFCs 1825-1829) had to be thrown away.
>
> Quite simply, it is merely that IPsec had totally failed long
> before IPv6 totally failed.
>
> FYI, total failure of IPsec is not the only reason of total
> failure of IPv6.
>
> Masataka Ohta
> _______________________________________________
> Ietf mailing list
> Ietf@xxxxxxxx
> https://www.ietf.org/mailman/listinfo/ietf
_______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf