Grant,
to be honest, reading, re-reading before the rfc the same doubt come to my
mind but now, my understanding is that the paragraph is really doing
reference to an interface to manage the traffic according to the policies
defined.
Jorge Davila.
On Tue, 05 Jun 2007 18:53:33 -0500
Grant Taylor <gtaylor@xxxxxxxxxxxxxxxxx> wrote:
On 6/5/2007 3:45 PM, Jorge Davila wrote:
For every IPsec implementation, there MUST be an administrative
interface that allows a user or system administrator to manage the
SPD. Specifically, every inbound or outbound packet is subject to
processing by IPsec and the SPD must specify what action will be
taken in each case. Thus the administrative interface must allow the
user (or system administrator) to specify the security processing to
be applied to any packet entering or exiting the system, on a packet
by packet basis.
I take this to mean some sort of management point, not necissarily a
network interface managed by ifconfig. Or did I misunderstand your earlier
comment to mean the management point?
Grant. . . .
Jorge Isaac Davila Lopez
Nicaragua Open Source
+505 430 5462
davila@xxxxxxxxxxxxxxxxxxxxxxx
