The following (crude) pro/con list was outlined at the interim meeting:
TLS issues:
+) Widely available; nice APIs; implement in user space
-) Currently TCP/SCTP only; mainly restricted to certificate-based authentication
IPsec issues:
+) Widely available; wide choice of authentication infrastructures; works with
any transport
-) Horrible APIs (or none at all); may have to access kernel operation
And a follow-up from Roland Bless:
"...TCP remains vulnerable to the rogue packet problem (as Radia
Perlman calls it), i.e. an attacker may inject a "valid" TCP packet
that will desynchronize the TCP/TLS connections, i.e. TCP will never
recover from that. In this respect, TLS is less robust than IPsec.
Possibly a combination of TCP/MD5+TLS may prevent this attack, but this
would not be so easy anymore..."
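To make the robustness difference in the follow-up concrete, here is an added simulation (example code, not part of the thread and not anyone's implementation). It reduces both designs to their integrity model: a TLS-like layer that parses keyed records out of one byte stream and treats a bad tag as fatal, versus an IPsec-like layer that checks each packet on its own and simply drops a bad one. The key, the record format (2-byte length, payload, 32-byte HMAC-SHA256 tag) and the "rogue" bytes are all constructed for the demo; the rogue bytes only stand in for data that the transport accepted but the peer's keyed layer did not send, which is the situation the quoted message describes.

```python
import hmac
import hashlib

KEY = b"constructed-demo-key"  # constructed shared key for the demo (assumption, not from the thread)
TAG_LEN = 32


def mac(data: bytes) -> bytes:
    """Keyed tag standing in for the TLS record MAC / the IPsec integrity check value."""
    return hmac.new(KEY, data, hashlib.sha256).digest()


def build_record(payload: bytes) -> bytes:
    """Record = 2-byte length || payload || tag; the tag covers length and payload."""
    hdr = len(payload).to_bytes(2, "big")
    return hdr + payload + mac(hdr + payload)


def receive_stream(stream: bytes):
    """TLS-over-TCP model: records are cut sequentially out of one byte stream.

    Once the stream contains bytes the peer never authenticated, the next record
    fails its tag check and the session is torn down; because the transport has
    already accepted those bytes there is nothing for the layer above to retry.
    """
    delivered, pos = [], 0
    while pos < len(stream):
        if pos + 2 > len(stream):
            return delivered, "truncated"
        length = int.from_bytes(stream[pos:pos + 2], "big")
        end = pos + 2 + length + TAG_LEN
        if end > len(stream):
            return delivered, "truncated"
        body = stream[pos:pos + 2 + length]
        tag = stream[pos + 2 + length:end]
        if not hmac.compare_digest(tag, mac(body)):
            return delivered, "fatal: bad_record_mac"
        delivered.append(body[2:])
        pos = end
    return delivered, "ok"


def receive_datagrams(packets):
    """IPsec-style model: every packet carries its own tag and is verified alone.

    A packet that fails the check is dropped and counted; later packets are
    unaffected, so the session recovers without any re-synchronisation.
    """
    delivered, dropped = [], 0
    for pkt in packets:
        body, tag = pkt[:-TAG_LEN], pkt[-TAG_LEN:]
        if len(pkt) > TAG_LEN and hmac.compare_digest(tag, mac(body)):
            delivered.append(body[2:])
        else:
            dropped += 1
    return delivered, dropped


def demo():
    """Feed the same three genuine records plus one constructed rogue unit to both models."""
    records = [build_record(m) for m in (b"hello", b"world", b"bye")]
    # Constructed rogue bytes: well-formed framing, but a tag the peer's key cannot have produced.
    rogue = b"\x00\x05XXXXX" + bytes(TAG_LEN)
    stream = records[0] + rogue + records[1] + records[2]
    packets = [records[0], rogue, records[1], records[2]]
    return receive_stream(stream), receive_datagrams(packets)


if __name__ == "__main__":
    stream_result, datagram_result = demo()
    print("stream model  :", stream_result)     # only b"hello" arrives, then fatal alert
    print("datagram model:", datagram_result)   # all three arrive, one packet dropped
```

The stream model delivers only the first message and then reports a fatal bad-record-MAC condition, which is the "never recovers" outcome in the quote; the datagram model delivers all three messages and records one dropped packet. The simulation deliberately stops at the integrity layer: it does not model TCP sequence numbers or TCP-MD5, so it illustrates why per-packet authentication is more forgiving here, not how the underlying desynchronisation happens.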