
Re: Nodes and Users



So this makes me realize I don't quite understand how user-level keying
works with Photuris.  If this is a stupid question, flame away... :-)

Consider host H running two server processes (maybe under different
userids).  Process A says ``I'll accept any authenticated connection.''
Process B says ``I'll accept only connections with triple DES encryption
and full MD5 MAC authentication.''

When a client contacts host H's Photuris port, how does the algorithm
negotiation work?  (Should H's OS use a greatest-common-denominator
and insist that the client use triple DES with MD5 MAC?)  If I understand
correctly (and maybe I don't), H's Photuris can't know which server
process the new SPI will be destined for...

