Re: IPSEC Security Policy Management

[Robert Moskowitz <rgm3@chrysler.com>]

At 09:50 AM 11/26/97 -0600, Boyter, Brian A. wrote:
>
>I've never been to an IETF meeting...

Hey we all have to start sometime.  Only about 30 people can claim they
were there in the BEGINNING at SDSC...

>Is there an opportunity to discuss this
>requirement???   Should an IPSEC secpol
>subgroup be created???

Ted and I are working on finishing the agenda for the IPsec session.  This
will be on there somehow, but lots of things happen in the hall and the
terminal room.

>> One idea I am playing with is to right the security policy in PolicyMaker
>Ø	and put it in a certificate from the policy server....
>
>Interesting idea...   Is this the AT&T PolicyMaker???

Yes, I am quite intrigue with it.  I would send you the URL, but I am
having trouble checking what I thought it was :(

>From the Air Force's standpoint, we are in favor of almost
>any method of creating + storing + disseminating policy -
>we just want all of the vendor products to use the same
>standard....
>
>What about using the attribute certificate
>(http://lists.w3.org/Archives/Public/ietf-tls/msg02442.html)
>(http://lists.w3.org/Archives/Public/ietf-tls/msg00796.html)????
>Isn't this the "standard" for SSL security policy????

I have trouble with the direction of attribute certificates.  I will be
spending time at DC trying to scope this out, but I have management scaling
problems in a distributed responsibility model like I need here (you might
not, as the USAF is basically one command structure).



Robert Moskowitz
Chrysler Corporation
(810) 758-8212

---

References:

• IPSEC Security Policy Management
• From: "Boyter, Brian A." <boyter@afiwc01.af.mil>

---

• Prev by Date: Re: draft-ietf-ipsec-arch-sec-02.txt and last call
• Next by Date: Re: IPSEC Security Policy Management
• Prev by thread: IPSEC Security Policy Management
• Next by thread: Re: IPSEC Security Policy Management
• Index(es):
  • Main
  • Thread