[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bellovin's attack and others like it

To: rubin@mgoblue.bellcore.com (Aviel D Rubin)
Subject: Re: Bellovin's attack and others like it
From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 11 Apr 1995 13:03:03 -0400
Cc: ipsec@ans.net
In-Reply-To: Your message of "Tue, 11 Apr 1995 11:31:57 EDT." <199504111624.AA41410@interlock.ans.net>
Reply-To: perry@imsi.com


Aviel D Rubin says:
> Now, I have a totally different question. At the IETF in
> Danvers, I asked many people that are implementing key
> management, how do you do key management over IP when your
> policy indicates that all IP traffic must be encrypted?
> The answer I got from everyone is that you somehow mark
> the key management packets so that they are allowed. Doesn't
> that violate the independence of the layers in the network?

In my implementation, which permits per socket keying, the layers
already have enhanced communication on such matters -- this is NOT the
same as violating layering.

.pm

References:

Re: Bellovin's attack and others like it

From: rubin@mgoblue.bellcore.com (Aviel D Rubin)

Prev by Date: Re: Comments on latest IPSP drafts
Next by Date: Re: Comments on latest IPSP drafts
Prev by thread: Re: Bellovin's attack and others like it
Next by thread: Re: Bellovin's attack and others like it
Index(es):
- Main
- Thread