[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: visibility of identifier in shim6 payload packet (was: Re: IPsec !?...)

To: marcelo bagnulo braun <marcelo@it.uc3m.es>
Subject: Re: visibility of identifier in shim6 payload packet (was: Re: IPsec !?...)
From: Iljitsch van Beijnum <iljitsch@muada.com>
Date: Thu, 3 Aug 2006 18:18:26 +0200
Cc: Francis Dupont <Francis.Dupont@point6.net>, Shinta Sugimoto <shinta@sfc.wide.ad.jp>, shim6-wg <shim6@psg.com>

[resent from last week]

On 2-aug-2006, at 15:41, marcelo bagnulo braun wrote:

i am not sure what do you mean at the same time.... these would bedifferent ways to implement BITW compatibility that need to benegotiated in the shim6 protocol (or either the processing is donecompletelly in the BITW device or the ULID pair option is includedin the payload header, so that the BITW device can restore the ULIDs)

fwiw i am perfectly ok with doing only the first option...

So basically this means that IF a host with bump-in-the-wire IPsecsupport MUST implement the shim in the BITW module and the hostitself MUST NOT do shim6?

The second option isn't an option because information in the packetcan't be trusted.

Prev by Date: Re: visibility of identifier in shim6 payload packet (was: Re: IPsec !?...)
Next by Date: Re: visibility of identifier in shim6 payload packet
Previous by thread: Re: Security Module for shim6 or hip really
Next by thread: Re: visibility of identifier in shim6 payload packet
Index(es):
- Date
- Thread