On Mon, May 12, 2008 at 08:40:29PM -0400, Bill Sommerfeld wrote:
> A revised design document incorporating responses to the comments so
> far, plus a glossary of terms used in the document, is now available at:
> 
> http://www.opensolaris.org/os/project/txipsec/Design/phase1-0.4.pdf
<SNIP!>

You've addressed all of my previous comments very well, thank you.

Two more things:

* Your glossary's mention of PF_KEY should mention RFC 2367.

* IKE traffic is ADMIN_LOW.  How would that work if a labeled system wants to
  talk with an unlabeled one?  Or is this where those annoying middleboxen
  come in handy?

Dan

Reply via email to