W3C home > Mailing lists > Public > ietf-discuss@w3.org > May 2001

Re: Discussion of an app-layer API for IPsec

From: Paul Hoffman / IMC <phoffman@imc.org>
Date: Mon, 7 May 2001 14:24:19 -0700
Message-Id: <p05100313b71cc1b37754@[165.227.249.20]>
To: discuss@apps.ietf.org
At 6:01 PM -0400 5/6/01, Keith Moore wrote:
>I basically think that IPsec is nearly useless without an application-layer
>API,

Creating secure WANs is a pretty large market...

>  but the API needs to not only make applications aware of whether
>a security association has been established (along with the credentials
>so that the application can evaluate them for itself)

Right

>  but also allow
>the application to control the credentials that are used when establishing
>SAs.

That's assuming that the API allows SA creation. I think that is a 
separate API from "am I already covered", and one tha will be much 
harder to design.

--Paul Hoffman, Director
--Internet Mail Consortium
Received on Monday, 7 May 2001 17:45:18 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 23 March 2006 20:11:28 GMT