[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SAs and SPIs
> From: John Shriver <jas@shiva.com>
>
> What you are asking about is NOT what IPSec is about.
>
> You are asking about multi-level security. That's about labeling
> everything with a security level. It's about distrust between the
> members of the same organization. See the National Computer Security
> Center "Orange Book". Of see section 25.2 of Schneier's "Applied
> Cryptography", which gives an introduction. Also, see the RFC's on
> the IP Security Option.
>
> IPsec is primarily about protection from external predators. Not from
> internal ones.
I'm sure the new co-chair of the IPsec working group would be surprised
to hear your assertion.
Either that, or I'd be *really* surprised to learn that the entire
community of auto industry manufacturers and suppliers regards each
member of the community as a fully-trusted "insider"!
Follow-Ups: