[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SAs and SPIs

To: ipsec@tis.com
Subject: Re: SAs and SPIs
From: dpkemp@missi.ncsc.mil (David P. Kemp)
Date: Mon, 18 Aug 1997 14:29:03 -0400
Sender: owner-ipsec@ex.tis.com

> From: John Shriver <jas@shiva.com>
> 
> What you are asking about is NOT what IPSec is about.
> 
> You are asking about multi-level security.  That's about labeling
> everything with a security level.  It's about distrust between the
> members of the same organization.  See the National Computer Security
> Center "Orange Book".  Of see section 25.2 of Schneier's "Applied
> Cryptography", which gives an introduction.  Also, see the RFC's on
> the IP Security Option.
> 
> IPsec is primarily about protection from external predators.  Not from
> internal ones.


I'm sure the new co-chair of the IPsec working group would be surprised
to hear your assertion.

Either that, or I'd be *really* surprised to learn that the entire
community of auto industry manufacturers and suppliers regards each
member of the community as a fully-trusted "insider"!

Follow-Ups:

Re: SAs and SPIs

From: John Shriver <jas@shiva.com>

Prev by Date: Re: SAs and SPIs
Next by Date: lengths of some specifiers
Prev by thread: Re: SAs and SPIs
Next by thread: Re: SAs and SPIs
Index(es):
- Main
- Thread