What's the status of the project?
chris stillson
fluffy at snowden.catch22.org
Sun Jun 10 13:54:42 GMT 2001
On Tue, Jun 12, 2001 at 04:20:17PM -0400, Robert Watson wrote:
>
> On Tue, 12 Jun 2001, Ilmar S. Habibulin wrote:
>
> > looked through FIPS 188, so i think, that CIPSO will be easily implemented
> > and work between TrustedBSD boxes just fine. But i don't know how to
> > achieve interoperability with other trusted systems. I have TSIG docs from
> > their www.tsix.org site, but there is not much. :(
CIPSO is just a matter of making sure you use the same binary
labels. RIPSO (rfc1108) is a little more clever. SAMPD does all
the clever mappings, but isn't really worth doing since you could
likely hack iskmpd/iked to do the same thing.
On Tue, Jun 12, 2001 at 04:20:17PM -0400, Robert Watson wrote:
> and objects (have a MAC label attached). Another issue has to do with
> whether we want to be able to make routing decisions based on labels, or
> just perform access control.
trusted routing is ugly...
chris
"don't even bother trying
to say something clever
clever is as clever does
mo matter what it says"
-Ani DiFranco
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list