40 likes | 160 Views
Certificate Management Requirements Status. IETF PKI4IPSEC WG 07 March 2005. Sean Turner (IECA, Inc.) <turners@ieca.com> Tel: (+1) 703-628-3180. Interim Meeting. 14 December 2004 Refer to 14 December 2004 from C. Bonatti for link to presentations Topics Path discovery – AIA/CDP
E N D
Certificate Management Requirements Status IETF PKI4IPSEC WG07 March 2005 Sean Turner (IECA, Inc.) <turners@ieca.com> Tel: (+1) 703-628-3180
Interim Meeting • 14 December 2004 • Refer to 14 December 2004 from C. Bonatti for link to presentations • Topics • Path discovery – AIA/CDP • Revocation checking - CRL • Confirmation handshake - ? • Community realms – GONE (template id)
New Comments/Changes • Non-repudiation removed address by “authenticated.” • Authorization token format – ASCII vs internationalized? • Enrollment TYPE field? • Cancel/New Auth – need new identifier for replay protection. • DNS support for PKC path lookup and revocation? • CA state info needed. • Organization: • Key generation/PKC request options (peer both, peer key/admin request, admin both, pki both); Enrollment options (peer->pki, peer->admin, admin->pki); Revocation options (peer, admin) • Key generation/PKC request section – move to informative annex? • Move options in 2.3.1-3 to 3.4.