Re: Meta-comment: use of "red" / "black" terminology...
>At the WG session today, Steve Kent clarified that the "red interface"
>on a host stack implementation could be a purely internal functional
>interface rather than an IP Interface (virtual or physical).
Hm. I suppose one could invent terminology like that, but it's a
pretty radical departure from the DoD terminology, since (outside the
VPN/security-gateway model), one can trivially produce graphs where
nodes cannot be consistently labelled either "red" or "black".
Even disregarding that, it's still a bit of a non-sequitur to the
point about
"... only address the use of IPsec in tunnel mode and assume
the VPN/security-gateway model".
which struck me as a legitimate concern, orthogonal to whatever
terminology one adopts for the VPN/security-gateway model.
(For what it's worth, I'd like to see use of "red" and "black" or any
other similar terms prohibited, lest they seduce anyone into thinking
*solely* in terms of IPsec tunnel mode and VPNs/security-gateways).