[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI QUESTIONS: 2.3 Authentication styles

To: Henry Spencer <henry@spsystems.net>
Subject: Re: SOI QUESTIONS: 2.3 Authentication styles
From: "Chinna N.R. Pellacuru" <pcn@cisco.com>
Date: Wed, 19 Jun 2002 18:23:56 -0700 (PDT)
cc: IP Security List <ipsec@lists.tislabs.com>
In-Reply-To: <Pine.BSI.3.91.1020619203338.26320A-100000@spsystems.net>
Sender: owner-ipsec@lists.tislabs.com

On Wed, 19 Jun 2002, Henry Spencer wrote:

> On Wed, 19 Jun 2002, Chinna N.R. Pellacuru wrote:
> > As I saw it, a minority of implementors who build high end security
> > gateways, complained about not just the value of minimal access control in
> > IPsec, but also about the inefficiency of doing this in IPsec and having
> > to do it in the firewall feature processing anyway (because firewall
> > provides extensive and true access control and intrution detection).
>
> As has been noted before, the IPsec standards specify the results, not the
> implementation, and there is no reason why the filtering called for by the
> IPsec specifications can't be done by a firewall mechanism.  There is *no*
> requirement that the filtering be located within some arbitrary box
> labeled "IPsec", so long as it gets done somewhere.
>
>                                                           Henry Spencer
>                                                        henry@spsystems.net

Is that the majority opinion? The WG consensus? Do, most regular
contributors to this forum agree to this?

    thanks,
    chinna

Follow-Ups:
- Re: SOI QUESTIONS: 2.3 Authentication styles
  - From: Paul Koning <pkoning@equallogic.com>

References:
- Re: SOI QUESTIONS: 2.3 Authentication styles
  - From: Henry Spencer <henry@spsystems.net>

Prev by Date: Re: SOI QUESTIONS: 2.3 Authentication styles
Next by Date: Re: SOI QUESTIONS: 2.3 Authentication styles
Prev by thread: Re: SOI QUESTIONS: 2.3 Authentication styles
Next by thread: Re: SOI QUESTIONS: 2.3 Authentication styles
Index(es):
- Date
- Thread