Question about SA
"Schaa, Tahar" <Schaa@secunet.de> Mon, 31 August 1998 14:16 UTC
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id KAA13287 for ipsec-outgoing; Mon, 31 Aug 1998 10:16:54 -0400 (EDT)
Message-Id: <199808311433.QAA18091@stax05.cubis.de>
From: "Schaa, Tahar" <Schaa@secunet.de>
To: 'IPsec Mailinglist' <ipsec@tis.com>
Subject: Question about SA
Date: Mon, 31 Aug 1998 16:33:54 +0200
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.1960.3)
Content-Type: text/plain
Sender: owner-ipsec@ex.tis.com
Precedence: bulk
Hello all here, I hope someone can help me. I'm wondering about the dependecies of SA's. -in the RFC 1825-28 there stands something like "SA is destination adress and SPI", but what adress ???? Is there meant IP adress with port number or without? -if it is only the IP without port what is about the following case: There is a server (with one IP adress) in the internet with two services: Realaudio Broadcast and Online Banking. Then I want to connect to both as a client, but for the Online Banking I want AH and ESP and for the Audio Broadcast only AH or perhaps nothing. The adress is always the same, there are only different ports. -I've got IPv4 and DHCP. The IP adress changes everytime I start my PC. Now its unpossible to identify my machine in a SA as communication partner with my IP adress. The same if I get dynamic IP adresses from my Provider. Is there something I did not read or is there still nothing about it??? Perhaps it would be a good sollution to let the client application select the SA or SPI? , because the application knows what strength of security is recommendet for the action that will be done. Sorry for my bad english, I'm from Germany. Thanks for answers. ________________________________________________________________________ _ T A H A R S C H A A tahar@tahar.ping.de schaa@secunet.de
- Question about SA Schaa, Tahar
- Re: Question about SA Stephen Kent