10 Sep
2001
10 Sep
'01
2:06 p.m.
At 13:47 10/09/01, Richard Welty wrote:
in the case of IPSec, the IP addresses need to be preserved end-to-end as part of the whole security scheme.
True, but ONLY because the Internet Architecture lacks an alternative namespace that could identify the box associated with a given network interface. (The IP address is used in this context to identify the network interface associated with the Security Association). So that's all true today, but is driven by a shortcoming in the Internet Architecture. Ran rja@Inet.org