[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Clarification please!
> Agreed. This seems to be a common, umm, "terminology barrier" which
> newcomers (myself included) trip over.
>
> Part of the problem is that nobody has yet come up with a decent name
> for a "set of related SA's".
I've heard these tossed around by myself and others from time to time:
SA PAIR - A pair of unidirectional SAs that provide protection
on a unicast session by covering each direction. They
are otherwise matched.
e.g. SA spi=0x2112, AH, HMAC-MD5, A -> B
SA spi=0x5150, AH, HMAC-MD5, B -> A
SA BUNDLE - A set of SAs that provide different protections.
e.g. SA spi=0x1001001, ESP, 3DES, <no auth>, A -> B
SA spi=0x82069, AH, HMAC-SHA1, A -> B
Any comments?
Dan
References: