Re: per-host keying
Hi,
> 2401 clearly supports keying of node-to-node tunnels, both for
>end-systems and gateways.
>
> At most bakeoffs that I've been to, there has been another variation
>on this, which was called per-host (vs per-node) keying. I tell my gateway
>that I want security between:
> 1.2.3.0/24 and 4.5.6.0/24
>
> but that I want each combination of hosts that communicate to be
>separately keyed.
*** Please refer to section 4.4.4 of RFC2401
> I had assumed that this concept made it into a document somewhere,
>but I can not find it. Am I blind, or did this concept never get written
>down anywhere?
-ramana
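
A toy model of the distinction asked about in the quoted question, added here as an example and not part of the original message or of any RFC text: one policy entry covering 1.2.3.0/24 and 4.5.6.0/24, with a flag that decides whether a new SA takes its selectors from the packet (one SA per host pair) or from the policy entry (one SA for the whole range). The names `SpdEntry`, `Gateway`, `per_host` and `count_sas`, the SA ids, and the sample flows are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class SpdEntry:
    local: ipaddress.IPv4Network
    remote: ipaddress.IPv4Network
    per_host: bool  # True: SA selectors copied from the packet; False: from this entry

class Gateway:
    def __init__(self, spd):
        self.spd = spd
        self.sad = {}          # (local selector, remote selector) -> SA id
        self._next_id = 0x1000  # stands in for an SPI plus its own key material

    def sa_for(self, src, dst):
        """Return the SA id protecting an outbound packet, creating it on first use."""
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        for entry in self.spd:
            if s in entry.local and d in entry.remote:
                if entry.per_host:
                    # Narrow the selectors to the two /32 addresses in the packet.
                    sel = (ipaddress.ip_network(src), ipaddress.ip_network(dst))
                else:
                    sel = (entry.local, entry.remote)
                if sel not in self.sad:
                    # A real gateway would negotiate a fresh SA (new keys) here.
                    self.sad[sel] = self._next_id
                    self._next_id += 1
                return self.sad[sel]
        return None  # no matching policy entry

def make_gateway(per_host):
    entry = SpdEntry(ipaddress.ip_network("1.2.3.0/24"),
                     ipaddress.ip_network("4.5.6.0/24"), per_host)
    return Gateway([entry])

# Constructed sample traffic: three distinct host pairs, the first one seen twice.
FLOWS = [("1.2.3.10", "4.5.6.20"), ("1.2.3.10", "4.5.6.21"),
         ("1.2.3.11", "4.5.6.20"), ("1.2.3.10", "4.5.6.20")]

def count_sas(per_host, flows=FLOWS):
    gw = make_gateway(per_host)
    for src, dst in flows:
        gw.sa_for(src, dst)
    return len(gw.sad)

if __name__ == "__main__":
    print("per-host keying:", count_sas(True), "SAs")
    print("per-net keying: ", count_sas(False), "SAs")
```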