Chapter 19. Key Management Sockets

Introduction

With the introduction of the security architecture for IP (IPsec, described in RFC 2401 [Kent and Atkinson 1998a]), a standard mechanism was needed to manage secret encryption and authorization keys. RFC 2367 [McDonald, Metz, and Phan 1998] introduces a generic key management API that can be used for IPsec and other network security services. Similar to routing sockets (Chapter 18), this API creates a new protocol family, the PF_KEY domain. As with routing sockets, the only type of socket supported in the key domain is a raw socket.

As described in Section 4.2, on most systems, AF_KEY would be defined to the same value as PF_KEY. However, RFC 2367 is quite specific that PF_KEY is the constant that ...

Get The Sockets Networking API: UNIX® Network Programming Volume 1, Third Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

The Sockets Networking API: UNIX® Network Programming Volume 1, Third Edition by

Chapter 19. Key Management Sockets

Introduction

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly