Re: SA selector checks alone are not enough

On Thu, Jul 03, 2003 at 06:53:01AM +0400, kuznet@ms2.inr.ac.ru wrote:
> 
> > host A outside the trusted network.  The selector of the IPCOMP tunnel
> > being any to any.
> 
> Why would this be? Did we not agree that wildcard selectors on tunnel
> transformations are illegal?

Not that I recall.  I might have agreed to something like that for pfkey to
get people to set it.  But disallowing it completely seems silly to me
since there are legitimate uses for it, e.g., someone behind a wireless
gateway or a secure corporate gateway that requires IPsec.  Besides,
you can replace that with any selector that includes the network T.
 
> > Please let me know if you can find any flaws in my reasoning.
> 
> I am afraid I did not understand the idea.

Can you be a bit more specific about which bit doesn't make sense
to you? Then I can try to clarify it.  Thanks.
-- 
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email:  Herbert Xu 许志壬 <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt