On 6/5/2007 3:45 PM, Jorge Davila wrote:
For every IPsec implementation, there MUST be an administrative interface that allows a user or system administrator to manage the SPD. Specifically, every inbound or outbound packet is subject to processing by IPsec and the SPD must specify what action will be taken in each case. Thus the administrative interface must allow the user (or system administrator) to specify the security processing to be applied to any packet entering or exiting the system, on a packet by packet basis.
I take this to mean some sort of management point, not necissarily a network interface managed by ifconfig. Or did I misunderstand your earlier comment to mean the management point?
Grant. . . .
