[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: >RFC1108 vs SAID

To: ipsec@ans.net (ip security mailing list)
Subject: Re: >RFC1108 vs SAID
From: Paul_Lambert@poncho.phx.sectel.mot.com (Paul Lambert)
Date: Mon, 26 Apr 1993 10:08:13 MST

        Reply to:   RE>>RFC1108 vs SAID

>From: Ran Atkinson  <atkinson@tengwar.itd.nrl.navy.mil
>
>We should keep IPv4 Security Protocol completely independent of the IP
>labelling scheme.  This means that the SAID should be reasonably large.
>GE has 6 vertical levels for internal information, other commercial users
>will vary.  US DoD nominally has 5 vertical levels, but I've seen as many
>as 8 vertical levels used on some trusted systems.
>
>Ran
>atkinson@itd.nrl.navy.mil

What is the requirement for linking the SAID with labeling in the manner you
are implying?  

A key per label has never been a requirement or desireable feature of SP3 or
NLSP.  There may be some confusion about this due to the key per connection
requirement imposed by SP4.  SP4 required unique keys because of sequence
number space considerations.  


Paul

Prev by Date: Re: RFC1108 vs SAID
Next by Date: Re: >IPv4 Security & MLS
Prev by thread: Re: IPv4 SP & SAID
Next by thread: Re: >IPv4 Security & MLS
Index(es):
- Main
- Thread