[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Nodes and Users
So this makes me realize I don't quite understand how user-level keying
works with Photuris. If this is a stupid question, flame away... :-)
Consider host H running two server processes (maybe under different
userids). Process A says ``I'll accept any authenticated connection.''
Process B says ``I'll accept only connections with triple DES encryption
and full MD5 MAC authentication.''
When a client contacts host H's Photuris port, how does the algorithm
negotiation work? (Should H's OS use a greatest-common-denominator
and insist that the client use triple DES with MD5 MAC?) If I understand
correctly (and maybe I don't), H's Photuris can't know which server
process the new SPI will be destined for...
References: