[anonsec] BYPASS OR PROTECT
mcr at sandelman.ca
Tue Apr 3 09:31:27 PDT 2007
Stephen Kent wrote:
> The existing 4301 model describes BYPASS and PROTECT as mutually
> exclusive descriptions. So, the new option, which might more properly
> be named "PROTECT IF POSSIBLE" is a third option that the user has to
As this is used primarily on the responder, I suggest th wording be infact:
"PROTECT IF REQUESTED"
> Of course we still have to make sure that there is no overlap (in
> terms of address space or name space) between entries in the SPD
> that are described as PROTECT and ones that are labeled as "PROTECT
> IF POSSIBLE." The same is true for the PAD. These constrains are
This is a general problem in the PAD, and
SPD with overlapping items. i.e. this problem already exists, and has been solved.
More information about the ANONSEC