
Re: key management




Hilarie Orman says:
> >  On the receive side, the network layer passes
> >  the SAID up with the (decrypted) packet so that the transport can
> >  compare the SAID against the one it is supposed to be using for the
> >  socket in question.
> 
> Do you mean that the transport layer checks that the user id associated
> with the SAID is the same as the user id associated with the socket?

No. The socket could only be bound to a particular SAID by the owner
of the SAID -- that check need only be done once. The transport need
merely make sure that if it has been set to use a SAID for its work
that the network layer's idea of what SAID was being used is the same
as its own.

Perry
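
Added example, not part of the original message or of any implementation it refers to: a minimal C model of the two checks described above, the one-time ownership check when a socket is bound to a SAID and the per-packet SAID comparison on receive. The struct layouts, function names, SA table and the `SAID_NONE` sentinel are assumptions made for illustration, as is delivering to a socket that has no SAID set.

```c
#include <stdint.h>
#include <stddef.h>

#define SAID_NONE 0u   /* constructed sentinel: no SA in use */

struct sa   { uint32_t said; unsigned owner_uid; };
struct sock { unsigned owner_uid; uint32_t bound_said; };

/* Constructed SA table: uid 1000 owns two SAs, uid 2000 owns one. */
static const struct sa sa_table[] = {
    { 0x101, 1000 }, { 0x102, 1000 }, { 0x201, 2000 },
};

/* Bind time: the only place ownership is checked. Returns 0 on success. */
int sock_bind_said(struct sock *s, uint32_t said)
{
    for (size_t i = 0; i < sizeof sa_table / sizeof sa_table[0]; i++) {
        if (sa_table[i].said == said) {
            if (sa_table[i].owner_uid != s->owner_uid)
                return -1;              /* caller does not own this SA */
            s->bound_said = said;
            return 0;
        }
    }
    return -1;                          /* no such SA */
}

/* Receive path: the network layer passes up the SAID it used to decrypt.
 * Returns 1 to deliver, 0 to drop. No user-id lookup happens here. */
int transport_accept(const struct sock *s, uint32_t pkt_said)
{
    if (s->bound_said == SAID_NONE)
        return 1;                       /* assumption: socket not set to use a SAID */
    return pkt_said == s->bound_said;   /* must be exactly the bound SAID */
}

int main(void)
{
    struct sock s = { 1000, SAID_NONE };
    if (sock_bind_said(&s, 0x201) == 0) return 1;  /* uid 1000 does not own 0x201 */
    if (sock_bind_said(&s, 0x101) != 0) return 1;
    /* 0x102 has the same owner as 0x101 but is still dropped on receive. */
    return !(transport_accept(&s, 0x101) && !transport_accept(&s, 0x102));
}
```

The receive check compares SAIDs only, so a packet that arrived under a different SAID belonging to the same user is dropped, which is the distinction between the two readings discussed in the thread.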

