[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on the latest Security architecture draft

To: suresh@livingston.com
Subject: Re: Comments on the latest Security architecture draft
From: tytso@MIT.EDU
Date: Fri, 5 Jun 1998 06:27:54 -0400
Address: 1 Amherst St., Cambridge, MA 02139
CC: matt@ljo.dec.com, suresh@livingston.com, ipsec@tis.com
In-reply-to: <199806022314.QAA15346@server.livingston.com> (message from PydaSrisuresh on Tue, 2 Jun 1998 16:19:11 -0700 (PDT))
Phone: (617) 253-8091
References: <199806022314.QAA15346@server.livingston.com>
Sender: owner-ipsec@ex.tis.com

Harold Koch cited where it is listed in the IKE document.  The
Architecture Security document also has this to say:

   SPI
      Acronym for "Security Parameters Index".  The combination of a
      destination address, a security protocol, and an SPI uniquely
      identifies a security association (SA, see above).  The SPI is
      carried in AH and ESP protocols to enable the receiving system to
      select the SA under which a received packet will be processed.  An
      SPI has only local significance, as defined by the creator of the
      SA (usually the receiver of the packet carrying the SPI); thus an
      SPI is generally viewed as an opaque bit string.  However, the
      creator of an SA may choose to interpret the bits in an SPI to
      facilitate local processing.

So it is there in the documents.

					- Ted

Follow-Ups:

Re: Comments on the latest Security architecture draft

From: suresh@livingston.com (Pyda Srisuresh)

References:

Re: Comments on the latest Security architecture draft

From: Pyda Srisuresh <suresh@livingston.com>

Prev by Date: RE: IPCOMP and IPSEC
Next by Date: RE: IPCOMP and IPSEC
Prev by thread: Re: Comments on the latest Security architecture draft
Next by thread: Re: Comments on the latest Security architecture draft
Index(es):
- Main
- Thread