So what are the requirements?

• A policy model

• An IPSEC gateway discovery mechanism

• A policy language for nodes

• Means for distributing responsibility

• Protocol for policy discovery

• Method for resolving SA parameters

• Semantics for compliance checking SA parameters & gateway against each node’s policy

• No changes to anything else (IKE, etc)

Previous slide

Next slide

Back to first slide

View graphic version