[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ipsec kernel api

To: jetienne@ifhamy.insa-lyon.fr
Subject: Re: ipsec kernel api
From: "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>
Date: Sat, 20 Mar 1999 19:24:19 -0500
Cc: Craig Metz <cmetz@inner.net>, tech@openbsd.org


In message <19990320190946.A857@long-haul.net>, jetienne@ifhamy.insa-lyon.fr wr
ites:
>about rfc2367, i read it only once so i can be wrong but i didnt
>see anything about ipcomp and about the possibility to 'group' the 
>security association. something like 'esp + ipcomp'.
>
>did i miss something ? if not, does your new work provide a solution ?

Seeing as OpenBSD doesn't support ipcomp, I don't see how that matters.

OpenBSD has a private extension for grouping SAs (there will, at some point,
be a standard way of doing so, in a revised PFKEY, as I understand it). If
one could define and use IPcomp SAs, then one would use that mechanism.
-Angelso

References:
- Re: ipsec kernel api
  - From: jetienne@ifhamy.insa-lyon.fr

Prev by Date: Re: ipsec kernel api
Next by Date: Re: ipsec kernel api
Prev by thread: Re: ipsec kernel api
Next by thread: Re: ipsec kernel api
Index(es):
- Date
- Thread