[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ipsec error codes

To: Dan McDonald <danmcd@Eng.Sun.Com>
Subject: Re: ipsec error codes
From: "Scott G. Kelly" <skelly@redcreek.com>
Date: Thu, 08 Apr 1999 17:21:07 -0700
CC: ipsec@lists.tislabs.com
Organization: RedCreek Communications
References: <199904082310.QAA29890@kebe.Eng.Sun.COM>
Sender: owner-ipsec@lists.tislabs.com

Dan McDonald wrote:
> > The important point here is that they are defined with particular
> > semantic goals, which may or may not encompass the requirements of our
> > situation. This brings us to a question: what, exactly, are our
> > requirements?
> 
> Good question.
> 
> At first glance, I don't see what problem is being solved.  What on-the-wire
> entity would issue these codes and messages?

Also a good question, and maybe Bob will want to put on his ANX hat and
give us some real world applications. I assume that the messages are
issued by security gateways and ipsec host implementations. I also
assume such messages would be useful in logfiles, and perhaps also in
syslog-type output. Another consumer might be an intrusion detection
event correlator, although a working group has been formed which is
devoted to trying to settle on some format for those messages, and one
of the possiblities I heard mentioned was (gak!) ASN.1.

Scott

References:

Re: ipsec error codes

From: Dan McDonald <danmcd@Eng.Sun.Com>

Prev by Date: Re: ipsec error codes
Next by Date: ECN: Tunnel/SA relationship
Prev by thread: Re: ipsec error codes
Next by thread: Re: ipsec error codes
Index(es):
- Main
- Thread