[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SAD and SPD...
On Thu, 15 Apr 1999, Unmesh Kulkarni wrote:
> The role of SPD for inbound packets, explained in the The IPSec
> Architcture document, is not very clear to me. Since the address, SPI and
> the protocol already specify an SA, do we seperately use SPD in this case?
Yes, but in reverse: not to determine what action to take, but to check
whether the action specified by address/SPI/protocol was correct for the
packet that finally emerges.
Henry Spencer
henry@spsystems.net
(henry@zoo.toronto.edu)
References: