[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPsec gateway vs. host

To: <saqibj@margallacomm.com>
Subject: Re: IPsec gateway vs. host
From: Stephen Kent <kent@bbn.com>
Date: Fri, 6 Jul 2001 15:57:01 -0400
Cc: <ipsec@lists.tislabs.com>, "Saqib Jang" <saqibj@margallacomm.com>
In-Reply-To: <NDBBLPEJFLKHBNKPNJJPEELHCMAA.saqibj@margallacomm.com>
References: <NDBBLPEJFLKHBNKPNJJPEELHCMAA.saqibj@margallacomm.com>
Sender: owner-ipsec@lists.tislabs.com

At 11:23 AM -0700 7/6/01, Saqib Jang wrote:
>Is there a scenario where IPsec implemented in a NIC
>or a HBA can be considered a "gateway" IPsec implementation.
>I'm trying to reconcile the proposal for iSCSI devices to only
>support tunnel-mode IPsec with the requirement in RFC 2401
>that only IPsec "gateways" can support only tunnel-mode IPsec,
>whereas "hosts' are required to support both tunnel and transport
>mode IPsec.

depending on where the NIC is used, it might appropriately support SG 
vs. host Ipsec modes. but, it just sounds like the iSCSCI folks are 
calling for a subset of IPsec functionality for their environment. a 
compliant IPsec host implementation could be used in this more 
restrictive fashion.

Steve

References:

IPsec gateway vs. host

From: "Saqib Jang" <saqibj@margallacomm.com>

Prev by Date: IPsec gateway vs. host
Next by Date: RE: IPsec gateway vs. host
Prev by thread: IPsec gateway vs. host
Next by thread: RE: IPsec gateway vs. host
Index(es):
- Main
- Thread