[anonsec] I-D ACTION:draft-ietf-btns-c-api-00.txt

mcr at sandelman.ca (Michael Richardson) Mon, 23 July 2007 14:40 UTC

From: "mcr at sandelman.ca"
Date: Mon, 23 Jul 2007 09:40:46 -0500
Subject: [anonsec] I-D ACTION:draft-ietf-btns-c-api-00.txt
In-Reply-To: <1EF1E44200D82B47BD5BA61171E8CE9D049A701C@NT-IRVA-0750.brcm.ad.broadcom.com>
References: <f7oa8t$s9r$1@sea.gmane.org> <1EF1E44200D82B47BD5BA61171E8CE9D049A701C@NT-IRVA-0750.brcm.ad.broadcom.com>
Message-ID: <f82ele$j9r$1@sea.gmane.org>

Caitlin Bestler wrote:
> Would you be ok with explicitly clarifying that the requirements
> described are only intended for the application layer code, and are
> not intended to constrain implementation of the operating environment?

I would be happy to clarify anything. In the IETF tradition, you can send 
text.  If you send patches, I will apply them.

I just want to be clear that you want me to clarify that the Application 
Programming Interface is a set of requirements on an interface that 
Applications use.

They aren't constraints on the application, or on the operating environment. 
They are constraints on the interface only.  And we aren't creating an ABI 
either, or promising that a change in the implementation of the API won't 
require a recompilation of the applications.  (It certainly is a nice 
feature if you have it, but it certainly isn't required.)

> Or if there are constraints on the operating environment, to list those
> separately? For example, it is conceivable that there is a requirement
> that the key material not be placed in swap eligible memory. If so, that

Keys never traverse this API. That is a requirement.
Where the IPsec "kernel" puts keys is its own business.