[atatatat]

> I have currently no reason to believe that IKE or TLS are intrinsically broken.

Okay. Not worth debating.

> bitching that Cisco et al won't start using it

Sounds like a good way to distinguish between vendors.

[lazide]

Also it’s avoiding any sort of look at history - except super early on, I don’t think any of those large vendors have ever been the early adopters of any new tech or approach. They wait until they have a critical mass of RFPs or sales deals that are blocked by their ability to check that box before they spend the effort to implement it. And the customers generally only start asking for it once it’s already in wide use.

If Cisco did have it already supported, that would be the more shocking case.