Hema, On 2011-03-09 12:41, Hema Krishnamurthy wrote: > So, if I have a single security domain only system with a single client > program, > to encrypt/decrypt, would I use the CoProcessor namespace or would I just use > the Encrypt/Decrypt ones?
If you only have a single domain (e.g., storing encrypted data to a database), you would create a CICM::Coprocessor::Encrypt (or ::Decrypt) conduit because you want the result of the encrypt (or decrypt) operation to return to the same client program that asks to encrypt (or decrypt) the data. You would use the CICM::Encrypt and CICM::Decrypt channels in a more typical high assurance scenario in which the results of the operation are not in the same domain that initiates the operation. Lev _______________________________________________ cicm mailing list [email protected] https://www.ietf.org/mailman/listinfo/cicm
