1 / 5

The Internet IP Security PKI Profile of ISAKMP and PKIX

The Internet IP Security PKI Profile of ISAKMP and PKIX. draft-ietf-ipsec-pki-profile-03.txt Brian Korver <briank@xythos.com> Eric Rescorla <ekr@rtfm.com>. What is draft-ietf-ipsec-pki-profile-03.txt?. Provides a profile of ISAKMP and PKIX for use in IPsec

ronli
Download Presentation

The Internet IP Security PKI Profile of ISAKMP and PKIX

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. The Internet IP Security PKI Profile of ISAKMP and PKIX draft-ietf-ipsec-pki-profile-03.txt Brian Korver <briank@xythos.com> Eric Rescorla <ekr@rtfm.com>

  2. What isdraft-ietf-ipsec-pki-profile-03.txt? • Provides a profile of ISAKMP and PKIX for use in IPsec • Complements specifications such as IKEv1 (and IKE v2) • “strawman” proposals

  3. Examples of issues addressed in draft-ietf-ipsec-pki-profile-03.txt • When should an implementation send Certificates and/or CRLs? • What response should be given to an empty CERTREQ? • How must the ID payload be used for determining policy? • In which fields should particular types of identity information appear in certificates? • What formats should be used for out-of-band exchange of PKI-related information?

  4. What’s new in -03? Not much: • Minor editorial changes to clean up language • Minor additional clarifying text • Removed hyphenation • Added requirement that implementations support configuration data exchange having arbitrary line lengths

  5. Going forward to -04 • Add/remove text in accordance with whatever the group determines its scope should be • Incorporation of feedback (hint, hint)

More Related