[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: new version of ESP ID
From: Stephen Kent <kent@bbn.com>
Subject: Re: new version of ESP ID
Cc: ipsec@lists.tislabs.com, msec@securemulticast.org
If we include the source address for multicast, to accommodate SSM,
does that mean I don't have to pay attention to the destination for
any multicast protocol. That would be a sort of equal tradeoff,
moving from requiring that an SA be defined by source and SPI instead
of destination and SPI, for multicast. But I don't want to make life
more complex by requiring support for all three.
I don't think we can get away with that. (S,G1) would be a whole different
set of members than (S,G2), and would therefore want to have different keys,
etc.
Radia