On Thu, Dec 6, 2018 at 9:10 PM Christopher Morrow <morrowc.lists@xxxxxxxxx> wrote:
On Thu, Dec 6, 2018 at 5:41 PM Eric Rescorla <ekr@xxxxxxxx> wrote:
routing area (key agility, a stronger algorithm than MD5). And of course TCP-AO doesn't attempt to provide privacy. Perhaps you can elaborate on what you're referring to here?
"TCP-AO is a lie, there is zero deployable code anywhere that supports it"
was that the gist of his comment?
A rather more elaborated version of this
it'd be the whole of mine.... because honestly it's the truth.
Sure, but as I said, I don't think of TCP-AO as an example of crypto overreach. It's not something that security people tried to force on the routing people, but rather something that was designed to what we understood to be the requirements of the routing community. It's of course possible, perhaps even likely, that we got it wrong, but that's a very different thing.
-Ekr