[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: RFC4303 (IPsec/ESP) auditing requirements



On Wednesday 05 December 2007 2:45:12 pm Paul Moore wrote:
> Hello all,
>
> I'm looking at RFC4303 at some of the auditing requirements and one of the
> gaps between what the specification requires and what we currently provide
> involves the SA's sequence number and the IPv6 flow ID.  According the list
> of existing audit fields[1] there doesn't appear to any fields which are a
> good match.  With that in mind I'd like to propose two new fields:
>
>  * seqno - sequence number
>  * flowid - flow id

Scratch the 'flowid' name, the more I look at things we should probably go 
with 'flowlbl'.

> Any comments, objections, suggestions?
>
> [1] http://people.redhat.com/sgrubb/audit/audit-parse.txt

-- 
paul moore
linux security @ hp


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]