>>>>> "PP" == Passera Pablo-APP <Passera> writes:
PP> My question is, is this a correct interpretation of the RFC? Or PP> the correct action would be to compare the security levels and if those PP> don't match then discard the packet? (in the later case the packet shall PP> arrive with exactly the same security level than the user in the USM PP> table) That isn't correct thinking. That point in the RFC is attempting to make sure that a user doesn't try to receive a encrypted packet (for example) when it doesn't support an encryption protocol (IE, if none was configured for it). It is not trying to imply policy with what level of protection a packet must have to arrive for that user. That's the job of the VACM. -- Wes Hardaker Sparta, Inc. ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
