[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Fwd: Re: Son of IKE: A proposal for moving forward

To: Henry Spencer <henry@spsystems.net>
Subject: Re: Fwd: Re: Son of IKE: A proposal for moving forward
From: Bill Sommerfeld <sommerfeld@east.sun.com>
Date: Thu, 13 Jun 2002 15:04:33 -0400
cc: IP Security List <ipsec@lists.tislabs.com>
In-Reply-To: Your message of "Thu, 13 Jun 2002 14:17:35 EDT." <Pine.BSI.3.91.1020613141449.16839C-100000@spsystems.net>
Reply-to: sommerfeld@east.sun.com
Sender: owner-ipsec@lists.tislabs.com

> There is no reason why the two trusted "networks" can't be single hosts --
> that's just a degenerate case.  It involves both minor complications and
> minor simplifications, and is, as Paul said, a common VPN situation. 

there are certain obvious scaling problems with this approach.

direct use of transport mode is likely to be easier to manage, require
fewer addresses, and be simpler with large numbers of hosts.

						- Bill

Follow-Ups:
- Re: Fwd: Re: Son of IKE: A proposal for moving forward
  - From: Henry Spencer <henry@spsystems.net>
- Re: Fwd: Re: Son of IKE: A proposal for moving forward
  - From: Paul Koning <pkoning@equallogic.com>

References:
- Re: Fwd: Re: Son of IKE: A proposal for moving forward
  - From: Henry Spencer <henry@spsystems.net>

Prev by Date: Re: Fwd: Re: Son of IKE: A proposal for moving forward
Next by Date: Re: Fwd: Re: Son of IKE: A proposal for moving forward
Prev by thread: Re: Fwd: Re: Son of IKE: A proposal for moving forward
Next by thread: Re: Fwd: Re: Son of IKE: A proposal for moving forward
Index(es):
- Date
- Thread