[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Comments on IPSO and AH/ESP
Ran:
I really like the idea of an implicit security label. The security
association can be established for one particular security label.
Multi-level systems simply establish multiple security associations,
protected in different keys (and maybe different algorithms), one for each
label. This way, all of the overhead associated with labels falls on the
key management protocol, not each datagram.
Russ