|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: Review of -10 security draft> -----Original Message----- > From: Bernard Aboba [mailto:bernard_aboba@hotmail.com] > Sent: Tuesday, February 19, 2002 2:42 PM > To: jharwood@vesta-corp.com; Ernest.Dainow@mcdata.com > Cc: ips@ece.cmu.edu > Subject: Review of -10 security draft > > > >How does requiring each connection to have its own Phase 2 SA > mitigate >the > >vulnerability in this scenario? > > IPsec doesn't protect against this at all, and the text needs to > make this > clear. > > Please take a look at the latest -10 security draft in progress to see if > this addresses the issue: > > http://www.drizzle.com/~aboba/RDMA/draft-ietf-ips-security-10.txt > It does, thanks! Best Regards, Joseph D. Harwood (408) 838-9434 jharwood@vesta-corp.com www.vesta-corp.com
Home Last updated: Wed Feb 20 13:18:03 2002 8805 messages in chronological order |