RE: SPI question
Stephen Waters <Stephen.Waters@digital.com> Thu, 28 May 1998 10:21 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id GAA25606 for ipsec-outgoing; Thu, 28 May 1998 06:21:21 -0400 (EDT)
Message-ID: <250F9C8DEB9ED011A14D08002BE4F64C01959175@wade.reo.dec.com>
From: Stephen Waters <Stephen.Waters@digital.com>
To: "Srinivas. B. Kulkarni" <srinu@trinc.com>
Cc: ipsec@tis.com
Subject: RE: SPI question
Date: Thu, 28 May 1998 11:33:03 +0100
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.1960.3)
Content-Type: text/plain
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
Hello Amal, Srinu>> The initiator will generate an SPI, which will be used as the SPI value for INBOUND SA at initiator side and OUTBOUND SA at the responder side. ... Srinu>> OK, responder in response to the initiator proposals will select one of them, and then he(responder) will generate an SPI value for his(responder) INBOUND SA and send it to the initiator to use it to identify his(initiator) OUTBOUND SA. Waters> Isn't this the wrong way round? If the initiator is setting up an SA, it is probably because Waters> there is a packet waiting to go OUT. Waters> Waters> It seems more logical to me that the initiator should specify the SPI for the Initiator's OUTBOUND and Waters> the responder's INBOUND, and that the responder should create another SPI for the responder's Waters> OUTBOUND and the initiator's INBOUND. Waters> Waters> This is all guess-work though - I haven't read it anywhere. I know, you can tell :) Waters> Cheers, Steve.
- SPI question Amal Maalouf
- Re: SPI question Srinivas. B. Kulkarni
- RE: SPI question Stephen Waters
- RE: SPI question Kai Martius
- RE: SPI question CJ Gibson