[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: pf_key comments
Rodney Thayer writes:
> I am looking into implementing PF_KEY and I have some comments on this too:
>
> 1. I like the idea of sending the IV down from an application. I think
> that an application is a reasonable place to do the random number
> generation because
Its completely unreasonable to send the IV from the application. Since
IVs have to be sent on every packet, that would mean you would need to
do a PF_KEY operation on every packet. This is not going to be
feasable.
Perry
Follow-Ups:
References: