Guidelines for mandating the use of ipsec
We also claim that the problems are more fundamental than the lack of suitable APIs and management tools.
Finally, we present some potential architectural modifications which could improve the situation, and discuss the practical challenges in achieving these modifications.
[Ballot discuss]The introductions says: This document offers some guidance on when IPsec should and should not be specified.This leads to the question: Who is the intended audience for this document? This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026.In this paper we discuss the structure and shortcomings of the IPsec security policy mechanisms as partial reasons for this situation. We describe our experiences in using IPsec in a number of situations, including IPv6 control protocols, mobility protocols, network management, and multimedia protocols.