[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Another field for traffic selector?



On Wed, 12 Mar 2003, Yu-Shun Wang wrote:
> Are we defining firewall inside IPsec in the disguise of "traffic
> selectors"?

The IPsec SPD is deliberately meant as a specification of a minimal
firewall mechanism.  Firewalling is an important part of IP security,
after all.  (IPsec is more than just encryption, although encryption
tends to get most of the attention.)

                                                          Henry Spencer
                                                       henry@spsystems.net