Joe: I have come to the same conclusion that an open-source TCP-AO is the next step for TCP-AO. I still hoping for some fairy dust ... to fix the BGP TCP security problem. If you have any ... let me know Susan Hares -----Original Message----- From: Joseph Touch [mailto:touch@xxxxxxxxxxxxxx] Sent: Thursday, April 16, 2020 11:32 AM To: Susan Hares Cc: ops-dir@xxxxxxxx; last-call@xxxxxxxx; draft-ietf-taps-transport-security.all@xxxxxxxx; taps@xxxxxxxx Subject: Re: [Taps] Opsdir telechat review of draft-ietf-taps-transport-security-11 Hi, Susan, > On Apr 16, 2020, at 3:35 AM, Susan Hares via Datatracker <noreply@xxxxxxxx> wrote: > > Reviewer: Susan Hares > ... > Personal plea: > You've clear stated the BGP issue up front. > TCP MD5 is bad (due to privacy issues) and TCP-AO is not deployed.. It is available in Cisco IOS at least. Its biggest drawback appears to be a lack of open-source implementations. > Has the TAPs given any thought to > what might be a replacement that could utilize some of the modern > TCP. Given the problem with TCP-AO deployment is that there is no free implementation and low implementation by vendors, how exactly would a new solution with even less implemented code help? Joe -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
