Re: Outbound interface as a selector?
"Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu> Sun, 17 October 1999 22:51 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by mail.imc.org (8.9.3/8.9.3) with ESMTP id PAA07610; Sun, 17 Oct 1999 15:51:51 -0700 (PDT)
Received: by lists.tislabs.com (8.9.1/8.9.1) id RAA13284 Sun, 17 Oct 1999 17:44:52 -0400 (EDT)
Message-Id: <199910172146.RAA08002@nyarlathotep.cis.upenn.edu>
X-Mailer: exmh version 2.0.2 2/24/98
To: Dan McDonald <danmcd@Eng.Sun.Com>
Cc: ipsec@lists.tislabs.com
Subject: Re: Outbound interface as a selector?
In-reply-to: Your message of "Sun, 17 Oct 1999 14:18:55 PDT." <199910172118.OAA14917@kebe.Eng.Sun.COM>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Sun, 17 Oct 1999 17:46:05 -0400
From: "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
In message <199910172118.OAA14917@kebe.Eng.Sun.COM>, Dan McDonald writes: > >Off the top of your heads, do you see anything really broken about the idea >of outbound interface as a selector? No; in fact, it's also necessary if you are going to do link encryption at the network layer (your example seemed a special case of this). I believe the architecture RFC does not prohibit this. The only negative side-effect is that, depending on the implementation specifics, you may end up doing one routing-table lookup more than you need; considering the cost of doing crypto, this is rather negligible. -Angelos
- Outbound interface as a selector? Dan McDonald
- Re: Outbound interface as a selector? Angelos D. Keromytis
- Re: Outbound interface as a selector? Henry Spencer
- Re: Outbound interface as a selector? Stephen Kent