RE: Review of -10 security draft

To: "Bernard Aboba" <bernard_aboba@hotmail.com>, <Ernest.Dainow@mcdata.com>
Subject: RE: Review of -10 security draft
From: "Joseph D. Harwood" <jharwood@vesta-corp.com>
Date: Wed, 20 Feb 2002 08:01:47 -0800
Cc: <ips@ece.cmu.edu>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;charset="iso-8859-1"
Importance: Normal
In-Reply-To: <F74SAMfKQu1bCdUg07M0000e711@hotmail.com>
Sender: owner-ips@ece.cmu.edu



> -----Original Message-----
> From: Bernard Aboba [mailto:bernard_aboba@hotmail.com]
> Sent: Tuesday, February 19, 2002 2:42 PM
> To: jharwood@vesta-corp.com; Ernest.Dainow@mcdata.com
> Cc: ips@ece.cmu.edu
> Subject: Review of -10 security draft
>
>
> >How does requiring each connection to have its own Phase 2 SA
> mitigate >the
> >vulnerability in this scenario?
>
> IPsec doesn't protect against this at all, and the text needs to
> make this
> clear.
>
> Please take a look at the latest -10 security draft in progress to see if
> this addresses the issue:
>
> http://www.drizzle.com/~aboba/RDMA/draft-ietf-ips-security-10.txt
>

It does, thanks!

Best Regards,
Joseph D. Harwood
(408) 838-9434
jharwood@vesta-corp.com
www.vesta-corp.com

Prev by Date: RE: FW: FW: iSCSI: support value of ?
Next by Date: RE: iSCSI: DataACK SNACK
Prev by thread: SAN Switch Topology Options: A Free White Paper from TidalWire
Next by thread: RE: Review of -10 security draft
Index(es):
- Date
- Thread

Home

Last updated: Wed Feb 20 13:18:03 2002
8805 messages in chronological order