"No, it's more secure! We have encryption, which means intermediaries can't snoop, but don't you want to be able to monitor what data goes out?"

etc. There's a laundry list of features enterprises care about, better spelled out in the sibling post.

"Well we have Bob from purchasing on the phone and he says we have to put this out for a bid first. And Alice from compliance wants to know, do you have [insert esoteric certification]?"

You really have to know who you are talking to and their motivations before you know what the right sales angle is.

I knew at one point some engineers who added RFC2549 to see if the salespeople were just being yesmen. A few years later I had similar problems with HSM salesman lying about Java support in their products so I can sympathize. Buying a product you cannot use without extreme effort is the pits.

One of them put in a bid to Cisco and got a reply back saying something like they were working on it but having some issues with the birds.

Somehow I knew what RFC2549 was without knowing what it was.

I used to be able to recite it from memory, but it’s starting to get mixed in my head with others, like 1918 which is the NAT RFC, and thus serious.