On Jan 7, 2010, at 3:45 PM, Jack Kohn wrote:
I am just trying to understand what a WESP powered middle box thats interested in deep inspecting packets, should do when it sees a native ESP packet. Should it make an attempt to parse it based on heuristics (which i completely resent) or should it treat the packet as encrypted and do whatever the local policy dictates?
It seems to me that any discussion of what the middlebox "should" do is not just out-of-scope, it's very very very very very out-of-scope.
.. doing what? I am sorry i could not follow your following statements.
Sorry - writing while groggy. Basically, if there are additional requirements for being able to detect encrypted packets that would require some action on the part of ipsecme, I can't think of them off the top of my head. Melinda _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
