[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [saag] Re:
At 03:59 PM 5/29/02 +0200, Hannes Tschofenig wrote:
>do you think that the hop-by-hop security in rsvp is a good or a bad thing?
>should there be more than what is currently provided?
There needs to be more than what is currently provided,
but, as always, there's a big keying/cert problem, particularly
in a multi-"domain" environment. I don't think the threat
environment is particularly well-understood (I've seen your
NSIS draft but haven't gone through it in detail). Clearly
IPSec is not the right answer for Path messages, however,
because while the addressing is end-to-end the payload
contents do change as the packet transits participating
routers.
Melinda
- Follow-Ups:
- RE: [saag] Re:
- From: "Hannes Tschofenig" <Hannes.Tschofenig@mchp.siemens.de>
- Re: [saag] Re:
- From: "Prof. Ahmed Bin Abbas Ahmed Ali Adas" <alaadas@kaau.edu.sa>