[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: application layer cross checking
An API of this form is on my list of things to add to solaris.
In a sockets-API world, this info wants to show up in socket options
on TCP connections and in recvmsg() ancillary data.
PF_KEY is not the right place for it; PF_KEY is a privileged api used
by the key management daemon (and already includes SA attributes for
identities).
Disclaimers:
- I'm reluctant to make an API proposal until I have running code,
because APIs Are Hard.
- I'm not in a position to make any predictions about if/when it's
going to appear in a product.
- Bill
References: