Niels,
>
> To me it would make sense to have associated data that is the index of
> the security association used (is that the right term? I'm not really
> up to date on IPSEC terminology).
>
> Would it make sense to use the same ancillary data on the sending
> side, for applications that want full control of IPSEC and other
> headers? I'm imagining an application that makes creative use of
> nested ESP and source routing headers for hiding traffic.
>
I question the utility and security of these additional facilities
but I am not a sear nor a security expert. I would prefer to keep it
simple and opague unless absolutely required. Other's opinions may vary.
tim
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
