[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPsec AH and ESP I-Ds; source address as possible SA selector for multicast SA?
> From: Mark Baugher <mbaugher@cisco.com>
> >I think a good solution would be to include also the source address in the
> >SA selector for multicast SAs. This would also be very useful to protect
> >IGMP messages by means of IPsec AH.
>
> I favor this approach but it is not consistent with RFC2401.
Nothing in RFC2401 prevents using source address as a selector.