[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

RFC4303 (IPsec/ESP) auditing requirements



Hello all,

I'm looking at RFC4303 at some of the auditing requirements and one of the 
gaps between what the specification requires and what we currently provide 
involves the SA's sequence number and the IPv6 flow ID.  According the list 
of existing audit fields[1] there doesn't appear to any fields which are a 
good match.  With that in mind I'd like to propose two new fields:

 * seqno - sequence number
 * flowid - flow id

Any comments, objections, suggestions?

[1] http://people.redhat.com/sgrubb/audit/audit-parse.txt
-- 
paul moore
linux security @ hp


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]