
Re: Granularity of authentication in swIPe




Steve Kent says:
> 	The scenarios I envision that might require lots of SAIDs are
> ones in which IPSP is implemented at one routers for large
> organizations.  An organization may elect to assign a different SAID
> for each (ultimate) source-destination address pair.  But SAIDs must
> be unique on a S/D basis between the IPSP implementation points, in
> this case the routers.  Thus there could be a need for many SAIDs
> between a pair of IPSP-capable routers.  If the hosts behind the
> routers are allowed to ask for finer granularity associations, e.g.,
> per TCP connection, then the number could grow even more.

Steve;

