W3C home > Mailing lists > Public > ietf-discuss@w3.org > May 2001

Re: Discussion of an app-layer API for IPsec

From: Paul Hoffman / IMC <phoffman@imc.org>
Date: Mon, 14 May 2001 09:21:04 -0700
Message-Id: <p05100314b725b618b1bc@[]>
To: Alexey Melnikov <mel@messagingdirect.com>, Keith Moore <moore@cs.utk.edu>
Cc: discuss@apps.ietf.org
At 2:30 AM -0600 5/14/01, Alexey Melnikov wrote:
>Keith Moore wrote:
>>  I basically think that IPsec is nearly useless without an application-layer
>>  API, but the API needs to not only make applications aware of whether
>>  a security association has been established (along with the credentials
>>  so that the application can evaluate them for itself) but also allow
>>  the application to control the credentials that are used when establishing
>>  SAs.
>And one possible use of this is API is for EXTERNAL SASL mechanism, 
>on top of IPSec.

This makes a lot of sense. Is anyone here in the Apps Area 
interesting in really persuing it? If not, I don't expect it to move 
forwards. There are only two or three people in the IPsec area who 
expressed any interest in doing the real work (Bill Sommerfeld and 
Steve Bellovin).

--Paul Hoffman, Director
--Internet Mail Consortium
Received on Monday, 14 May 2001 12:46:42 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:08:12 UTC