[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [IPSECKEY] Re: I-D ACTION:draft-richardson-ipsec-rr-01.txt
Hi,
Just to clarify.
In case both public key and gateway field in IPSECKEY RR exist,
how should I interpret it?
If the gateway field is the same as the owner name of RR,
it should be considered as a security gateway.
for example,
owner name: "Security Gateway 1"
public key: "bar"
gateway : "Security Gateway 1"
If both the public key and the gateway field exist, and the
gateway name is not the same as the owner name of RR, should
I consider that there will be nested SAs like following?
Host 1 -------- Internet ----------- Security --- Host 2
| | Gateway1 |
| | | |
| -------Security Association 1---------- |
| |
----------------Security Association 2---------------
owner name: "Host 2"
public key: "foo"
gateway : "Security Gateway 1"
owner name: "Security Gateway 1"
public key: "bar"
gateway : "Security Gateway 1" (or none?)
Regards.
--
Tatsuya BABA babatt@nttdata.co.jp
R&D Headquarters, NTT DATA CORPORATION
-
This is the IPSECKEY@sandelman.ca list.
Email to ipseckey-request@sandelman.ca to be removed.