draft-ietf-cipso-ipsecurity-01.txt - OpenGrok cross reference for /Linux-v5.4/Documentation/netlabel/draft-ietf-cipso-ipsecurity-01.txt

Lines Matching +full:implementation +full:- +full:defined
27 Please check the I-D abstract listing contained in each Internet Draft
46 mandatory access controls and multi-level security.  These systems are
57 defined in future RFCs.
88 once in a datagram.  All multi-octet fields in the option are defined to be
91 +----------+----------+------//------+-----------//---------+
93 +----------+----------+------//------+-----------//---------+
124 corresponding ASCII representations.  Non-related groups of systems may
148 actual security information to be passed.  All multi-octet fields in a tag
149 are defined to be transmitted in network byte order.  Like the DOI
152 octet boundary.   The tag types defined in this document contain alignment
158 identifiers are greater than 127 are defined by the DOI authority and may
167 Tag type 0 is reserved. Tag types 1, 2, and 5 are defined in this
171 +----------+----------+--------//--------+
173 +----------+----------+--------//--------+
189 and support the same security policy.  The three tags defined in this
207 This is referred to as the "bit-mapped" tag type.  Tag type 1 is included
211 +----------+----------+----------+----------+--------//---------+
213 +----------+----------+----------+----------+--------//---------+
297 +----------+----------+----------+----------+-------------//-------------+
299 +----------+----------+----------+----------+-------------//-------------+
360 +----------+----------+----------+----------+------------//-------------+
362 +----------+----------+----------+----------+------------//-------------+
415 assumed to be 0.  The ranges MUST be non-overlapping and be listed in
422 A CIPSO implementation MUST be capable of generating at least tag type 1 in
423 the non-optimized form.  In addition, a CIPSO implementation MUST be able
430 The configuration parameters defined below are required for all CIPSO hosts,
432 host is defined to be the origination or destination system for an IP
440 An implementation of CIPSO on a host MUST have the capability to reject a
449 HOST_LABEL_MAX - This parameter contains the maximum sensitivity label that
453 not be defined explicitly as it can be implicitly derived from the
467 HOST_LABEL_MIN - This parameter contains the minimum sensitivity label that
470 not apply to CIPSO gateways or routers.  This parameter need not be defined
474 PORT_LABEL_MAX - This parameter contains the maximum sensitivity label for
481 PORT_LABEL_MIN - This parameter contains the minimum sensitivity label for
489 PORT_DOI - This parameter is used to assign a DOI identifier value to a
495 NET_DOI - This parameter is used to assign a DOI identifier value to a
501 HOST_DOI - This parameter is used to assign a DOI identifier value to a
557 lead to non-interoperability or even a security incident.  The
574 and HOST configuration parameters defined in section 3.
612 The default condition for any CIPSO implementation is that an
614 handled as described in section 4.1.  A CIPSO implementation MAY allow
626 networks that have CIPSO and non-CIPSO hosts and the non-CIPSO hosts
640 the current set of defined tag types, this means that CIPSO labels at
669 to use.  A CIPSO implementation need only support one level of DOI
675 A CIPSO implementation MUST support at least one DOI and SHOULD support
732 cipso-request@wdl1.wdl.loral.com.