[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: "user" and "network layer" security. reply to respondents.
I have always thought about this from the point of view that the
user level does indeed sometimes have a direct influence on
lower layers in the stack. IP options for example can be
manipulated by a user to get particular attributes from a
mode of communication.
With IPv6, and those new headers that can be inserted between
the conventional layers of the stack, attributes of packets that
are sent out can be set by a user level application. Personally,
I do not believe this constitutes breaking the architecture, but
simply provides required control over the data (and corresponding
attributes) that are sent and received. I think IPSec falls into
this category.
On Fri, 30 Aug 1996, M.C.Nelson wrote:
> Bill,
>
> The transport layer doesn't have "user" either. Adding a "user" concept
> in a new layer between the transport and network layer still breaks the
> network architecture.
>
> Regards,
> Mitch Nelson
> netsec@panix.com
>
>
>
>
> On Thu, 29 Aug 1996, Bill Sommerfeld wrote:
>
> > Another way of looking at ipsec is that the transforms are really a
> > layer *in between* network and transport.
> >
> > You're not so much adding a "user" concept at the network layer as
> > adding a new layer next to the transport layer, which already has a
> > concept of "user".
> >
> > - Bill
> >
>
--------------------------------------------------------------------
Peter Howlett Atlantic Systems Group
E-Mail: Peter.Howlett@ASG.unb.ca Fredericton, N.B. Canada
http://www.ASG.unb.ca/personal/ph.html Phone: (506) 447-3050
PGP Key ID: 60F2EEC1 Fax: (506) 453-5004
References: