[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: visibility of identifier in shim6 payload packet (was: Re: IPsec !?...)



[resent from last week]

On 2-aug-2006, at 15:41, marcelo bagnulo braun wrote:

i am not sure what do you mean at the same time.... these would be different ways to implement BITW compatibility that need to be negotiated in the shim6 protocol (or either the processing is done completelly in the BITW device or the ULID pair option is included in the payload header, so that the BITW device can restore the ULIDs)

fwiw i am perfectly ok with doing only the first option...

So basically this means that IF a host with bump-in-the-wire IPsec support MUST implement the shim in the BITW module and the host itself MUST NOT do shim6?

The second option isn't an option because information in the packet can't be trusted.