[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Emphasizing Key Mgmt
Steve:
I strongly encourage you to leave IPSEC whole.
The present charter says that the IPSP will eb done first, then the Key
Management work will be done. This meets the "serialized: concern reaised by
Frank Kastenholz.
As I have stated many times on this list, key management has four phases:
1. Generate key
2. Negotiate attributes
/* We call a key bound with its attributes a security
association */
3. Use the security association
4. Delete the security association
Step 2 cannot be described is sufficient detail for implementation until you
know ehich attributes are needed by IPSP.
Russ
References: