@techreport{blaze-ipsp-trustmgt-04,
    number =    {draft-blaze-ipsp-trustmgt-04},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-blaze-ipsp-trustmgt/04/},
    author =    {Dr. John Ioannidis and Angelos D. Keromytis and Dr. Matt Blaze},
    title =     {{Compliance Checking and IPSEC Policy Management}},
    pagetotal = 10,
    year =      2000,
    month =     mar,
    day =       15,
    abstract =  {This draft describes an architecture for security policy management for IPSEC based on the principle of {}`{}`compliance checking.'' We describe a two-level policy hierarchy, in which security association policy is managed by a highly flexible policy language, which in turn provides input to packet policies that are managed by a fast packet filtering language. We provide a sample SA policy language, based on KeyNote, and describe interoperability issues for this architecture.},
}