Robert Moskowitz <rgm-...@htt-consult.com> writes:
This is an item that goes back to the beginning of ESP work:
Minimally, how does the higher level 'learn' that it is secure: E2E or TE2TE? Encrypted/Authenticated/CrCed... ?
And as ESP has a seq#, how might it be conveyed to the higher layer?
Case in point: MAVlink has a 1-byte seq# in its payload. How might this be provided by ESP?
https://mavlink.io/en/guide/message_signing.html
So I have been thinking about this vis-a-vis diet-esp. What is the mechanism/trigger that can best work across a number of higher layers to inform of operating environment and values available (seq#)?
Is this done anywhere now?
If you're asking for a generic API mechanism in unix, for datagrams it would be recvmsg. Recvmsg uses a msghdr which can include control data (cmsghdr). That is the way that lower layer information associated with packets is passed up to the application.
man recvmsg
man cmsg
I don't know if any ESP data is currently passed with this method though.
Thanks,
Chris.
Bob
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
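The recvmsg/cmsghdr mechanism described in the reply above, as an added example that is not part of the original thread. The thread names no ESP data delivered this way, so the sketch uses the Linux IP_RECVTTL socket option as a stand-in for a lower-layer per-packet field; the function name recv_ttl_via_cmsg is hypothetical.

```c
/* Added example (Linux): IP_RECVTTL stands in for a per-packet ESP attribute;
 * no ESP-specific cmsg type is assumed to exist. */
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Send one UDP datagram over loopback with TTL send_ttl, then return the TTL
 * recvmsg() reports as ancillary data; -1 on error, truncation or no cmsg. */
int recv_ttl_via_cmsg(int send_ttl)
{
    int result = -1, on = 1, rx, tx;
    struct sockaddr_in addr = { .sin_family = AF_INET };
    socklen_t alen = sizeof(addr);
    char payload[16];
    union { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; } ctl;
    struct iovec iov = { .iov_base = payload, .iov_len = sizeof(payload) };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof(ctl.buf) };

    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);  /* port 0: kernel picks one */
    rx = socket(AF_INET, SOCK_DGRAM, 0);
    tx = socket(AF_INET, SOCK_DGRAM, 0);
    if (rx < 0 || tx < 0) goto out;
    if (bind(rx, (struct sockaddr *)&addr, sizeof(addr)) < 0 ||
        getsockname(rx, (struct sockaddr *)&addr, &alen) < 0) goto out;
    /* Opt in: ask the kernel to attach each datagram's TTL as control data. */
    if (setsockopt(rx, IPPROTO_IP, IP_RECVTTL, &on, sizeof(on)) < 0 ||
        setsockopt(tx, IPPROTO_IP, IP_TTL, &send_ttl, sizeof(send_ttl)) < 0) goto out;
    if (sendto(tx, "ping", 4, 0, (struct sockaddr *)&addr, sizeof(addr)) != 4) goto out;

    if (recvmsg(rx, &msg, 0) < 0) goto out;
    if (msg.msg_flags & MSG_CTRUNC) goto out;  /* control data cut short: reject */
    for (struct cmsghdr *c = CMSG_FIRSTHDR(&msg); c; c = CMSG_NXTHDR(&msg, c))
        if (c->cmsg_level == IPPROTO_IP && c->cmsg_type == IP_TTL &&
            c->cmsg_len >= CMSG_LEN(sizeof(int)))
            memcpy(&result, CMSG_DATA(c), sizeof(int));  /* may be unaligned */
out:
    if (rx >= 0) close(rx);
    if (tx >= 0) close(tx);
    return result;
}

int main(void)
{
    printf("TTL delivered via cmsg: %d\n", recv_ttl_via_cmsg(42));
    return 0;
}
```

The receiver gets the field only because it opted in with setsockopt, and it rejects the datagram's control data when MSG_CTRUNC is set rather than acting on a partial header.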