Kernel Tokens to Provide IPsec Keying Material
----------------------------------------------

As kernel tokens provide a mechanism for the storage of keying material in
the kernel, and association with user processes, kernel subsystems could
take advantage of this to provide a convenient and consistent interface to
kernel keying material.  One possible example of this would be IPsec.  After
performing an IKE or ISAKMP negotiation using public keys, the system
libraries could store appriate keying information in tagged tokens.  When
making socket calls, the unique token identifier would be provided to
identify the appropriate material.

Similarly, kernel subsystems could generate keying material and make it
accessible via the token interface to user code.


$Id: ipsec.txt,v 1.1 1998/06/26 13:17:29 robert Exp $
