[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on IPSO and AH/ESP

To: "Housley, Russ" <housley@spyrus.com>
Subject: Re: Comments on IPSO and AH/ESP
From: smb@research.att.com
Date: Wed, 16 Aug 95 23:04:06 EDT
Cc: ipsec@ans.net, atkinson@itd.nrl.navy.mil (Ran Atkinson)

	 

	 Ran:

	 I really like the idea of an implicit security label.  The
	 security association can be established for one particular
	 security label.  Multi-level systems simply establish multiple
	 security associations, protected in different keys (and maybe
	 different algorithms), one for each label.  This way, all of
	 the overhead associated with labels falls on the key
	 management protocol, not each datagram.

	 Russ

That's certainly my preference as well.

Prev by Date: Re: Comments on IPSO and AH/ESP
Next by Date: Re: Comments on IPSO and AH/ESP
Prev by thread: Re: Comments on IPSO and AH/ESP
Next by thread: Re: Comments on IPSO and AH/ESP
Index(es):
- Main
- Thread