[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: new version of ESP ID

To: fenner@research.att.com, kent@bbn.com
Subject: Re: new version of ESP ID
From: Radia Perlman - Boston Center for Networking <Radia.Perlman@sun.com>
Date: Fri, 12 Jul 2002 19:30:40 -0400 (EDT)
Cc: ipsec@lists.tislabs.com, msec@securemulticast.org
Reply-To: Radia Perlman - Boston Center for Networking <Radia.Perlman@sun.com>
Sender: owner-ipsec@lists.tislabs.com


	From: Stephen Kent <kent@bbn.com>
	Subject: Re: new version of ESP ID
	Cc: ipsec@lists.tislabs.com, msec@securemulticast.org
	
	If we include the source address for multicast, to accommodate SSM, 
	does that mean I don't have to pay attention to the destination for 
	any multicast protocol. That would be a sort of equal tradeoff, 
	moving from requiring that an SA be defined by source and SPI instead 
	of destination and SPI, for multicast. But I don't want to make life 
	more complex by requiring support for all three.

I don't think we can get away with that. (S,G1) would be a whole different
set of members than (S,G2), and would therefore want to have different keys,
etc.

Radia

Prev by Date: Re: new version of ESP ID
Next by Date: AES-CBC draft: Tunnel mode, TTL field of inner header
Prev by thread: Re: new version of ESP ID
Next by thread: Re: new version of ESP ID (plus new AH ID)
Index(es):
- Date
- Thread