[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re: Re: [ssm] SSM with IPSec

To: Mark Baugher <mbaugher@cisco.com>
Subject: Re: Re: Re: [ssm] SSM with IPSec
From: Toerless Eckert <eckert@cisco.com>
Date: Wed, 15 Jan 2003 19:08:04 -0800
Cc: Toerless Eckert <eckert@cisco.com>, holbrook@cisco.com, Brad Huntting <huntting@glarp.com>, ssm@ietf.org, Brian Weis <bew@cisco.com>
In-Reply-To: <5.1.1.5.2.20030115142209.0219a158@mira-sjc5-6.cisco.com>
List-Help: <mailto:ssm-request@ietf.org?subject=help>
List-Id: Source-Specific Multicast <ssm.ietf.org>
List-Post: <mailto:ssm@ietf.org>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ssm>,<mailto:ssm-request@ietf.org?subject=subscribe>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ssm>,<mailto:ssm-request@ietf.org?subject=unsubscribe>
References: <5.1.1.5.2.20030115123146.021e95a8@mira-sjc5-6.cisco.com> <20030115171137.GK2103@cypher.cisco.com> <5.1.1.5.2.20030115123146.021e95a8@mira-sjc5-6.cisco.com> <5.1.1.5.2.20030115142209.0219a158@mira-sjc5-6.cisco.com>
User-Agent: Mutt/1.4i

On Wed, Jan 15, 2003 at 02:28:20PM -0800, Mark Baugher wrote:
> When the security association is pushed down to the member by key 
> management, there will need to be a flag that declares whether it is 
> indexed with the source address (SSM) or not (ASM), i.e. whether multiple 
> sources will share that SA.  We might be able to leave it at this level 
> without explicitly declaring it to be ASM or SSM to IPsec.  In fact, this 
> would allow ASM groups to be indexed by source address (a separate SA for 
> each sender) or SSM to not be indexed by source address (one SA for 
> multiple channels).  Whether this makes sense or not is a matter of policy 
> that is implemented in the key server.

Right, that sounds good. 

_______________________________________________
ssm mailing list
ssm@ietf.org
https://www1.ietf.org/mailman/listinfo/ssm

References:
- Re: Re: Re: [ssm] SSM with IPSec
  - From: Mark Baugher <mbaugher@cisco.com>
- Re: Re: [ssm] SSM with IPSec
  - From: Toerless Eckert <eckert@cisco.com>
- Re: Re: Re: [ssm] SSM with IPSec
  - From: Mark Baugher <mbaugher@cisco.com>

Prev by Date: RE: [ssm] Re: last call comments on ssm-arch doc
Next by Date: Re: [ssm] Re: last call comments on ssm-arch doc
Prev by thread: Re: Re: Re: [ssm] SSM with IPSec
Next by thread: [Ssm] Test message #1
Index(es):
- Date
- Thread