On 09/03/06, Florian Daniel Otel <[EMAIL PROTECTED]> wrote:
>
> Hello all,
>
> I have the following question (== misunderstanding from my part?)
> w.r.t. openbgp support for dynamic keying: I was living under the
> impression (hope?) that the said support means not only that the keys
> for the BGP peering session per se are established dynamically but
> also that the SPD itself is kept in sync with the coresp. BGP routing
> info i.e. bgp updates the IPsec flows to be consistent with the BGP
> routing info exchanged with the said peer.
Without ever having looked at this I would guess that openbgpd support
for dynamic keying is for securing the bgp session itself, nothing more.
/Tony
--
Tony Sarendal - [EMAIL PROTECTED]
IP/Unix
-= The scorpion replied,
"I couldn't help it, it's my nature" =-
