Re: pf_key comments




Rodney Thayer writes:
> I am looking into implementing PF_KEY and I have some comments on this too:
> 
> 1. I like the idea of sending the IV down from an application.  I think
> that an application is a reasonable place to do the random number
> generation because 

It's completely unreasonable to send the IV from the application. Since
IVs have to be sent on every packet, that would mean you would need to
do a PF_KEY operation on every packet. This is not going to be
feasible.

Perry

