[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ipsec error codes
Dan McDonald wrote:
> > The important point here is that they are defined with particular
> > semantic goals, which may or may not encompass the requirements of our
> > situation. This brings us to a question: what, exactly, are our
> > requirements?
>
> Good question.
>
> At first glance, I don't see what problem is being solved. What on-the-wire
> entity would issue these codes and messages?
Also a good question, and maybe Bob will want to put on his ANX hat and
give us some real world applications. I assume that the messages are
issued by security gateways and ipsec host implementations. I also
assume such messages would be useful in logfiles, and perhaps also in
syslog-type output. Another consumer might be an intrusion detection
event correlator, although a working group has been formed which is
devoted to trying to settle on some format for those messages, and one
of the possiblities I heard mentioned was (gak!) ASN.1.
Scott
References: