[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Precedence on selectors, policy entries or both?

To: <ipsec@lists.tislabs.com>
Subject: Precedence on selectors, policy entries or both?
From: "Li Man.M (NRC/Boston)" <Man.M.Li@nokia.com>
Date: Fri, 12 Oct 2001 12:22:29 -0400
Sender: owner-ipsec@lists.tislabs.com
Thread-Index: AcFTMxFllNTzY78kEdWBTQBQi2X+DwABCwuw
Thread-Topic: DataStructure for Storing SPD,SA Entries

Hi,

RFC 2401 specifies that "The SPD contains an ordered list of policy
entries". Now, if the selectors are ordered in SPD, the policy entries
are ordered since each selector points to a policy entries. Is this a
correct assumption?

I also see people give precedence to policy entries or policy rules. Is
this redundant since the selectors are already ordered? Could there be
potential conflict if both selectors and policy entries have precedence
orders?

Which one of the following is the common approach in SPD?

A. Give precedence to selectors only
B. Give precedence to policy entries only
C. Give precedence to both selectors and policy entries 

Comments are appreciated. Thanks.


Man Li

Follow-Ups:

Re: Precedence on selectors, policy entries or both?

From: Stephen Kent <kent@bbn.com>

Prev by Date: DataStructure for Storing SPD,SA Entries
Next by Date: Frequency of Phase 1 / Phase 2 Exchanges
Prev by thread: RE: DataStructure for Storing SPD,SA Entries
Next by thread: Re: Precedence on selectors, policy entries or both?
Index(es):
- Main
- Thread