[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: correction on SPIs



Bill,

>Here's what Karn did (and Simpson has a slight variant):
>
> - Each SPI can be used by both AH and ESP.
>
> - AH and ESP have different keys, even when using the same SPI.
>
> - AH and ESP use different algorithms, even when using the same SPI.
>
> - AH and ESP can both be negotiated at the same time (the same exchange).
>
>So, I think of this as a "combined" number space, with orthogonal usage.
>Is that what you mean?
>

If I understand what Ran said correctly, Photuris can still negotiate for
SPI's and transforms as it is doing currently. However, when we build the SA
we will have to identify if it is for ESP or AH. This has to be done if we
are using a single name space. If we use different name spaces, then we can
store the SPI's, key's, and algorithm in the respective names space (AH and
ESP).

--Naganand
----------------------------------------------------------------
naganand@ftp.com
Tel #: (508)659-6743 (O)