
Re: Use of UDP ports for Photuris




> 
> I'd like to see key management done as a protocol over IP.  This is
> because it facilitates building high-assurance systems.  For example,
> if the host policy requires all user-level network communication to be
> AH or ESP protected, then I can easily build a protocol graph that
> ensures this if key management is in the kernel.  If it isn't, then
> there must be a filter that allows some key management messages to be
> delivered to the user level while blocking other traffic.  This is a
> displeasing architecture.
>

Well, it would also accommodate application layer authentication,
not transport layer, which is what we should all be shooting for
anyway. 

Oops, wrong list.  :-)

- paul

 

