> To me it would make sense to have associated data that is the index of
> the security association used (is that the right term? I'm not really
> up to date on IPSEC terminology).
The actual spi value is not likely to be very useful to the
application (when key management is in use, it's a random number which
lasts as long as the sa does, and sa's are, in the long run,
ephemeral). On the other hand, other metadata associated with the SA
would be (the authenticated peer identity, for one).
- Bill
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
- destination option update Francis Dupont
- Re: destination option update Erik Nordmark
- Re: destination option update Tim Hartrick
- Re: destination option update Erik Nordmark
- Re: destination option update Francis Dupont
- Re: destination option update Francis Dupont
- Re: destination option update Jun-ichiro itojun Hagino
- Re: destination option update Tim Hartrick
- Re: destination option update Niels M�ller
- Re: destination option update Francis Dupont
- Re: destination option update Bill Sommerfeld
- Re: destination option update Niels M�ller
- Re: destination option update Tim Hartrick
- Re: destination option update Tim Hartrick
- Re: destination option update Robert Elz
- Re: destination option update Francis Dupont
- Re: destination option update Michael Thomas
- Re: destination option update Robert Elz
- Re: destination option update Erik Nordmark
- Re: destination option update Jun-ichiro itojun Hagino
