[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Effective policy enforcement

To: Michael Richardson <mcr@sandelman.ottawa.on.ca>
Subject: Re: Effective policy enforcement
From: "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>
Date: Fri, 11 Apr 1997 00:24:58 +0000
cc: ipsec@tis.com
Sender: owner-ipsec@ex.tis.com

In message <199704100013.TAA00333@morden.sandelman.ottawa.on.ca>, Michael
Richa
rdson writes:
>  This requires an extensive API.

Well, i would think that the important attributes are whether the link
is:

a) encrypted
b) authenticated
c) tunneled (ie the options are protected)
d) compressed (?)

These are addressed (at least to some extend) in Dan McDonald's draft.

>  I'd like to see, as a first step, a work new ipsec wg work item: we
>should be writing drafts to describe SPKI auth/tag fields. I suggest
>that this be scheduled for post-Proposed Status for the existing drafts.

I agree. I wouldn't even mind working towards it.
-Angelos

Prev by Date: Re: IPSec MIB
Next by Date: Re: MUST vs. SHOULD audit
Prev by thread: Re: Effective policy enforcement
Next by thread: Re: Effective policy enforcement
Index(es):
- Main
- Thread