[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (IPng) out-of-band key management is like virtual ...
- To: "Housley, Russ" <housley@spyrus.com>
- Subject: Re: (IPng) out-of-band key management is like virtual ...
- From: "Perry E. Metzger" <perry@imsi.com>
- Date: Tue, 07 Mar 1995 18:13:24 -0500
- Cc: ipsec@ans.net
- In-Reply-To: Your message of "Tue, 07 Mar 1995 14:46:01." <9502077946.AA794616361@spysouth.spyrus.com>
- Reply-To: perry@imsi.com
"Housley, Russ" says:
> >As clearly described in the drafts, SAIDs are assigned at the pleasure
> >of the entity controlling the destination address. The us of "entity
> >controlling" rather than "destination host" was deliberate -- it was
> >there because of multicast.
>
> I agree that the SAID must me assigned by the entity controlling the
> destination address. In fact, this is exactly my point. Key management
> will do something different to establish a security association for two
> IPSP peers than to establish a multicast security association.
>
> The IPSP processing may well be identical once those security associations
> are in place.
If you agree with that, then you are necessarily supporting the point
that structured SAIDs are not needed for multicast.
.pm
Follow-Ups: