[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: revised IPsec processing model

To: Joe Touch <touch@ISI.EDU>
Subject: Re: revised IPsec processing model
From: Stephen Kent <kent@bbn.com>
Date: Mon, 11 Aug 2003 16:29:07 -0400
Cc: Mark Duffy <mduffy@quarrytech.com>, ipsec@lists.tislabs.com
In-Reply-To: <3F37DB9B.5010601@isi.edu>
References: <5.2.0.9.0.20030724113200.01feed80@email><p05210613bb4db57e16c7@[128.89.89.75]> <3F2EC3DC.6010803@isi.edu><p05210602bb5476a89c38@[128.89.88.34]> <3F2EC97D.5050800@isi.edu><p05210605bb5490d4bea5@[128.89.88.34]> <3F2EEEB2.5030109@isi.edu><p05210603bb5563deac67@[128.89.88.34]> <3F37DB9B.5010601@isi.edu>
Sender: owner-ipsec@lists.tislabs.com

Joe,

I believe the bottom line here is that you view situations where 
dynamic routing will affect the choice of an SPD as common, whereas 
many of us view them as relatively rare.  We each have our own models 
of common vs. rare operation and there is probably no point inn 
debating further which is more common in what context and/or at what 
time (now vs. future).

As I revise the processing model to take into account the comments I 
have received, I will try to reword it to be as clear as possible 
about the security implications associated with different assumptions 
about routing tables and the extent to which they may change without 
secure intermediation, as the security implications of such changes.

Steve

Follow-Ups:
- Re: revised IPsec processing model
  - From: Joe Touch <touch@ISI.EDU>
- Re: revised IPsec processing model
  - From: guttman@mitre.org (Joshua D. Guttman)

References:
- Re: revised IPsec processing model
  - From: Joe Touch <touch@ISI.EDU>
- Re: revised IPsec processing model
  - From: Stephen Kent <kent@bbn.com>
- Re: revised IPsec processing model
  - From: Joe Touch <touch@ISI.EDU>
- Re: revised IPsec processing model
  - From: Stephen Kent <kent@bbn.com>
- Re: revised IPsec processing model
  - From: Joe Touch <touch@ISI.EDU>
- Re: revised IPsec processing model
  - From: Stephen Kent <kent@bbn.com>
- Re: revised IPsec processing model
  - From: Joe Touch <touch@ISI.EDU>

Prev by Date: Re: revised IPsec processing model
Next by Date: Re: revised IPsec processing model
Prev by thread: Re: revised IPsec processing model
Next by thread: Re: revised IPsec processing model
Index(es):
- Date
- Thread