[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSEC Security Policy Management
At 09:50 AM 11/26/97 -0600, Boyter, Brian A. wrote:
>
>I've never been to an IETF meeting...
Hey we all have to start sometime. Only about 30 people can claim they
were there in the BEGINNING at SDSC...
>Is there an opportunity to discuss this
>requirement??? Should an IPSEC secpol
>subgroup be created???
Ted and I are working on finishing the agenda for the IPsec session. This
will be on there somehow, but lots of things happen in the hall and the
terminal room.
>> One idea I am playing with is to right the security policy in PolicyMaker
>Ø and put it in a certificate from the policy server....
>
>Interesting idea... Is this the AT&T PolicyMaker???
Yes, I am quite intrigue with it. I would send you the URL, but I am
having trouble checking what I thought it was :(
>From the Air Force's standpoint, we are in favor of almost
>any method of creating + storing + disseminating policy -
>we just want all of the vendor products to use the same
>standard....
>
>What about using the attribute certificate
>(http://lists.w3.org/Archives/Public/ietf-tls/msg02442.html)
>(http://lists.w3.org/Archives/Public/ietf-tls/msg00796.html)????
>Isn't this the "standard" for SSL security policy????
I have trouble with the direction of attribute certificates. I will be
spending time at DC trying to scope this out, but I have management scaling
problems in a distributed responsibility model like I need here (you might
not, as the USAF is basically one command structure).
Robert Moskowitz
Chrysler Corporation
(810) 758-8212
References: