In your previous mail you wrote:
To me it would make sense to have associated data that is the index of
the security association used (is that the right term? I'm not really
up to date on IPSEC terminology).
=> I agree, the SPI is the useful key to metadata.
Would it make sense to use the same ancillary data on the sending
side, for applications that want full control of IPSEC and other
headers? I'm imagining an application that makes creative use of
nested ESP and source routing headers for hiding traffic.
=> this should be managed by policies, not directly by the header API.
[EMAIL PROTECTED]
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
