
Re: per-host keying



Hi,


>   2401 clearly supports keying of node-to-node tunnels, both for
>end-systems and gateways.
>
>   At most bakeoffs that I've been to, there has been another variation
>on this, which was called per-host (vs per-node) keying. I tell my gateway
>that I want security between:
>      1.2.3.0/24      and        4.5.6.0/24
>
>   but that I want each combination of hosts that communicate to be
>separately keyed.

***  Please refer to section 4.4.4 of RFC2401


>   I had assumed that this concept made it into a document somewhere,
>but I can not find it. Am I blind, or did this concept never get written
>down anywhere?


-ramana
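
The per-host keying asked about in this thread, as an added example that is not part of the original message or of any IPsec implementation: a simplified outbound model in which one policy entry for 1.2.3.0/24 -> 4.5.6.0/24 either takes a new SA's selectors from the packet (one SA per host pair) or from the policy entry (one SA shared by the subnets). The names PolicyEntry, sa_selectors, lookup_or_create, count_sas and FLOWS are hypothetical, and the random key is a stand-in for key negotiation.

```python
import ipaddress
import os
from dataclasses import dataclass, field


@dataclass
class PolicyEntry:
    """One simplified outbound policy entry (hypothetical model)."""
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    per_host: bool  # True: SA selectors from the packet; False: from the policy
    sad: dict = field(default_factory=dict)  # selectors -> key material

    def sa_selectors(self, src_ip, dst_ip):
        """Return the (src, dst) selectors a new SA would carry, or None."""
        s = ipaddress.ip_address(src_ip)
        d = ipaddress.ip_address(dst_ip)
        if s not in self.src or d not in self.dst:
            return None  # packet is not covered by this policy entry
        if self.per_host:
            # Per-host keying: narrow the selectors to the two hosts.
            return (ipaddress.ip_network(f"{s}/32"),
                    ipaddress.ip_network(f"{d}/32"))
        # Shared keying: the SA covers the whole policy range.
        return (self.src, self.dst)

    def lookup_or_create(self, src_ip, dst_ip):
        sel = self.sa_selectors(src_ip, dst_ip)
        if sel is None:
            raise LookupError("no policy for this packet")
        if sel not in self.sad:
            # Assumption: random bytes stand in for a negotiated key.
            self.sad[sel] = os.urandom(32)
        return sel, self.sad[sel]


# Constructed sample traffic: three distinct host pairs, one repeated.
FLOWS = [("1.2.3.10", "4.5.6.20"), ("1.2.3.10", "4.5.6.21"),
         ("1.2.3.11", "4.5.6.20"), ("1.2.3.10", "4.5.6.20")]


def count_sas(per_host, flows=FLOWS):
    """Number of SAs the entry ends up holding after the flows pass."""
    entry = PolicyEntry(ipaddress.ip_network("1.2.3.0/24"),
                        ipaddress.ip_network("4.5.6.0/24"), per_host)
    for s, d in flows:
        entry.lookup_or_create(s, d)
    return len(entry.sad)
```
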


