[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Granularity of authentication in swIPe

To: Theodore Ts'o <tytso@athena.mit.edu>
Subject: Re: Granularity of authentication in swIPe
From: Steve Kent <kent@BBN.COM>
Date: Wed, 22 Jun 94 16:51:16 -0400
Cc: ipsec@ans.net
In-Reply-To: Your message of Wed, 22 Jun 94 16:07:53 -0400. <9406222007.AA22023@tsx-11.MIT.EDU>

Ted,

	I misread your message.  I see that you suggested that IPSP
parse the header and pass a data structure to the crypto module with
the parsed components, from which the crypto module can then select
what ever it needs.  That makes my comments on the burden of parsing
not quite correct.  As you observed, it just means that the crypto
module can't be a generic one, but rather a layer of indirection is
needed if an underlying generic crypto module is employed.  That
observation is consistent with the comments I made.

Steve

References:

Re: Granularity of authentication in swIPe

From: tytso@ATHENA.MIT.EDU (Theodore Ts'o)

Prev by Date: Re: Granularity of authentication in swIPe
Next by Date: Re: Granularity of authentication in swIPe
Prev by thread: Re: Granularity of authentication in swIPe
Next by thread: Re[2]: Granularity of authentication in swIPe
Index(es):
- Main
- Thread