[fmac-discuss] Zones and Flask
Bill Sommerfeld
sommerfeld at sun.com
Mon Apr 21 17:57:35 PDT 2008
On Mon, 2008-04-21 at 19:03 -0400, Paul Moore wrote:
> > depending on securing a set of nodes (some of which may be internal
> > to the network) is unavoidable; depending on securing every
> > millimeter of cable between them seems like asking for trouble when
> > you can't see the middle and both ends of every cable that matters.
>
> I don't know what to say other than that these users are very security
> aware and have mechanisms in place to provide them the level of
> assurance that they need. These people are not clueless.
while on my current trip to CA I was introduced to the joys of in-n-out
burger. Turns out that they have an off-menu "grilled cheese sandwich"
which is really a cheeseburger without the beef.
we could provide these very security aware people an off-menu labeled
ESP + null auth + null encryption for use with their "other mechanisms
in place" and avoid the need to build two different label & security
attribute negotiation protocols.
- Bill
More information about the fmac-discuss
mailing list