[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Meta-comment: use of "red" / "black" terminology...

To: Stephen Kent <kent@bbn.com>
Subject: Re: Meta-comment: use of "red" / "black" terminology...
From: "Theodore Ts'o" <tytso@mit.edu>
Date: Mon, 10 Nov 2003 22:38:24 -0500
Cc: ipsec@lists.tislabs.com
In-reply-to: <p06010201bbd5b897ede2@[130.129.139.103]>
References: <E1AJEsm-0001NH-TE@thunk.org> <p06010201bbd5b897ede2@[130.129.139.103]>
Sender: owner-ipsec@lists.tislabs.com
User-agent: Mutt/1.5.4i

In some private discussions this evening, it was noted that "red" and
"black" are used in two senses.  The first is pre- and post-
processing by the IPSEC stack, in the inbound and outbound paths.
(i.e., "red to black") In this case, being explicit about something
like "before ipsec processing" or "after ipsec processing", etc. would
probably be less confusing.

The second is "trusted" and "untrusted", or "internal" and "external"
when referring two networks or interfaces on a security gateway.
Granted that "trusted" is overloaded by other meanings that might
cause confusion, does "internal networks" and "external networks" work
better folks.  (All of this assuming that we have explicit definitions
before we use any of these terms.)

						- Ted

Follow-Ups:
- Re: Meta-comment: use of "red" / "black" terminology...
  - From: Bill Sommerfeld <sommerfeld@east.sun.com>

References:
- Meta-comment: use of "red" / "black" terminology...
  - From: "Theodore Ts'o" <tytso@mit.edu>
- Re: Meta-comment: use of "red" / "black" terminology...
  - From: Stephen Kent <kent@bbn.com>

Prev by Date: rfc2401bis and QoS selectors
Next by Date: Re: Meta-comment: use of "red" / "black" terminology...
Previous by thread: Re: Meta-comment: use of "red" / "black" terminology...
Next by thread: Re: Meta-comment: use of "red" / "black" terminology...
Index(es):
- Date
- Thread