[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: key management
> >I agree with number 2, we need to pick a certificate format. However, I
> >think that certificates to support IPSP should contain host names, not user
> >names.
>
> I disagree. One big application I have in mind for IPSP is to support
...
> In this situation it makes a lot of sense for the keys in the IPSP
> gateway to have the names of your users on them.
Phil,
you're right that for many situations a "user" certificate is what's
appropriate. But for some situations an IP address or host-name
certificate is more appropriate. There is nothing that precludes us from
using both. Let's not limit ourselves to using only one.
Dave
Follow-Ups:
References: