[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
re... usage models
An end node talking to a "tunnel head" is one model I am looking at.
Think of a notebook PC communicating with a firewall at the edge of a
corporate intranet.
I have the (general vague) impression other people think this is a realistic
model.
>Date: Tue, 09 Jul 1996 12:09:28 -0400
>To: Michael Richardson <mcr@milkyway.com>, ipsec@TIS.COM
>From: Robert Moskowitz <rgm3@chrysler.com>
>
>At 03:16 PM 7/5/96 -0400, Michael Richardson wrote:
>>In a galaxy far, far away, : Fri, 05 Jul 1996 11:29:03 EST
>>> end-to-end authentication of IP headers. It is desirable to tweak the
>>> architecture so that authentication provided by ESP has the same
>>> security as authentication provided by AH. Then only a single security
>>> header is needed for end-to-end confidentiality + authentication.
>>
>> Except that tunnel mode will most often be used by security gateways, not
>>the end-to-end contents.
>
>Not quite. I THINK it will be used in end-to-gateway-to-end as well. Yes?
>
>Robert Moskowitz
>Chrysler Corporation
Rodney Thayer <rodney@sabletech.com> +1 617 332 7292
Sable Technology Corp, 246 Walnut St., Newton MA 02160 USA
Fax: +1 617 332 7970 http://www.shore.net/~sable
"Developers of communications software"