[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Non-IP type Client IDs



Hi Steve,

Stephen Kent wrote:
> 
> Scott,
> 
> RFC 2401 embodies the notion that one can use a non-address ID type as a
> selector in the SPD search. If the user ID is found in thge SPD, then one
> creates a temporary SPD entry populated with IP addresses that have been
> dynamically assigned, e.g., in the remote user scenario.  The document
> notes, near the top of page 19, the requirement to support user names for
> INBOUND SA creation in security gateways, motivated by this scenario.
> 

I seem to recall specific language in the document to this effect, but
cannot find anything (after a quick skim) regarding insertion of
temporary spd entries in RFC2401 - was such language deleted somewhere
in the transition from draft to rfc, or am I just missing it?

Thanks,

Scott


Follow-Ups: