[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Fwd: Re: Son of IKE: A proposal for moving forward

To: IP Security List <ipsec@lists.tislabs.com>
Subject: Re: Fwd: Re: Son of IKE: A proposal for moving forward
From: Henry Spencer <henry@spsystems.net>
Date: Thu, 13 Jun 2002 14:17:35 -0400 (EDT)
In-Reply-To: <5.1.0.14.2.20020613123019.026171f0@pophost.gte.com>
Sender: owner-ipsec@lists.tislabs.com

On Thu, 13 Jun 2002, Stuart Jacobs wrote:
>...we need end-to-end SAs between our network 
>elements with the SAs originating/terminating directly on the net 
>interfaces within the elements.  A VPN approach typically is deployed to 
>interconnect two trusted networks over an untrusted third network...

There is no reason why the two trusted "networks" can't be single hosts --
that's just a degenerate case.  It involves both minor complications and
minor simplifications, and is, as Paul said, a common VPN situation. 

                                                          Henry Spencer
                                                       henry@spsystems.net

Follow-Ups:
- Re: Fwd: Re: Son of IKE: A proposal for moving forward
  - From: Bill Sommerfeld <sommerfeld@east.sun.com>

References:
- Fwd: Re: Son of IKE: A proposal for moving forward
  - From: Stuart Jacobs <stu.jacobs@labs.gte.com>

Prev by Date: Fwd: Re: Son of IKE: A proposal for moving forward
Next by Date: Re: Fwd: Re: Son of IKE: A proposal for moving forward
Prev by thread: Fwd: Re: Son of IKE: A proposal for moving forward
Next by thread: Re: Fwd: Re: Son of IKE: A proposal for moving forward
Index(es):
- Date
- Thread