From: Herbert Xu <herbert@gondor.apana.org.au> Date: Mon, 30 Jun 2003 07:36:25 +1000 On Sun, Jun 29, 2003 at 02:27:22PM -0700, David S. Miller wrote: > Connections do not change policies, policy changes change policies. > > Connections match policies and expand templates to create specific > transformer states which are applied to packets from that connection. That sounds good but the bottom line is that the KM has to update each policy in this case to expand the templates, right? If the kernel need not do that, why does the KM need to do that? You're talking nonsense. Entities register policies, and entities registers specific transformer states. Policies have templates which expand only to specific transformer states. So, for a given selector, you know what will match and which template would be used, just as the kernel can figure this out so can the key manager. - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
