[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: multiple payloads via "ID_LIST"

To: Daniel Harkins <dharkins@cisco.com>
Subject: Re: multiple payloads via "ID_LIST"
From: "Scott G. Kelly" <skelly@redcreek.com>
Date: Thu, 01 Oct 1998 10:33:07 -0700
CC: Roy Pereira <rpereira@TimeStep.com>, Shawn_Mamros@BayNetworks.COM, "Michael C. Richardson" <mcr@sandelman.ottawa.on.ca>, ipsec@tis.com
Organization: RedCreek Communications
References: <199809301552.IAA21393@chip.cisco.com>
Sender: owner-ipsec@ex.tis.com

Daniel Harkins wrote:
> 
>   Roy,
> 
>   I'm not talking about what policy is, I'm saying why would one want to
> do IPSec at such a network aggregation point?

One reason is to aggregate the traffic so as to thwart traffic analysis
attempts. The packets going into the tunnel might already be encrypted
in an end-to-end SA, yet this mechanism still has value.

Prev by Date: ASN-1 DUMPER Program
Next by Date: RE: Re-keying Issues Document
Prev by thread: Re: ASN-1 DUMPER Program
Next by thread: RE: Re-keying Issues Document
Index(es):
- Main
- Thread