[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Simplifying IKE

To: Steve.Robinson@psti.com
Subject: Re: Simplifying IKE
From: Bill Sommerfeld <sommerfeld@East.Sun.COM>
Date: Thu, 16 Aug 2001 15:14:36 -0400
cc: Stephen Kent <kent@bbn.com>, Chris Trobridge <CTrobridge@baltimore.com>, ipsec@lists.tislabs.com, owner-ipsec@lists.tislabs.com
In-reply-to: Your message of "Thu, 16 Aug 2001 14:51:43 EDT." <OFF3B37AA0.8077B795-ON80256AAA.00674182@psti.com>
Reply-to: sommerfeld@East.Sun.COM
Sender: owner-ipsec@lists.tislabs.com

> So, you wouldn't consider PF_KEY to be a standard API for use with IPsec?
> I don't like it much personally, as it isn't as flexible as RFC 2401 would
> allow an API to be, but still, it is there....

PF_KEY is not a policy API.  It's an API for managing the SADB; as
such, it's useful only to the (very limited) set of people writing key
management implementations..

					- Bill

References:

RE: Simplifying IKE

From: Steve.Robinson@psti.com

Prev by Date: Re: Simplifying IKE
Next by Date: Re: Simplifying IKE
Prev by thread: RE: Simplifying IKE
Next by thread: Re: Simplifying IKE
Index(es):
- Main
- Thread