[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPSEC Security Policy Management

To: boyter@afiwc01.af.mil, rgm3@chrysler.com
Subject: Re: IPSEC Security Policy Management
From: bchappe@nswc.navy.mil (Brett Chappell x1568)
Date: Thu, 4 Dec 1997 09:52:53 -0500
Cc: ipsec@tis.com
Sender: owner-ipsec@ex.tis.com

> From rgm3@chrysler.com Wed Nov 26 11:36:36 1997
> X-Sender: rgm3@pop3hub.is.chrysler.com
> Date: Wed, 26 Nov 1997 11:20:11 -0500
> To: "Boyter, Brian A." <boyter@afiwc01.af.mil>
> From: Robert Moskowitz <rgm3@chrysler.com>
> Subject: Re: IPSEC Security Policy Management
> Cc: "'ipsec@tis.com'" <ipsec@tis.com>
> Mime-Version: 1.0
> X-Mime-Autoconverted: from quoted-printable to 8bit by portal.ex.tis.com id LAA25959
> Content-Transfer-Encoding: quoted-printable
> X-Mime-Autoconverted: from 8bit to quoted-printable by portal.ex.tis.com id LAB25962
> 
> At 09:50 AM 11/26/97 -0600, Boyter, Brian A. wrote:
[snip]
> 
> >Is there an opportunity to discuss this
> >requirement???   Should an IPSEC secpol
> >subgroup be created???
> 
> Ted and I are working on finishing the agenda for the IPsec session.  Thi=
> s
> will be on there somehow, but lots of things happen in the hall and the
> terminal room.

I would also be interested in this discussion. I have been monitoring IPSEC
as a possible technology that could be used in the Navy's environment.

> 
> >> One idea I am playing with is to right the security policy in PolicyMa=
> ker
> >=D8	and put it in a certificate from the policy server....
> >
> >Interesting idea...   Is this the AT&T PolicyMaker???
> 
> Yes, I am quite intrigue with it.  I would send you the URL, but I am
> having trouble checking what I thought it was :(
> 
> >From the Air Force's standpoint, we are in favor of almost
> >any method of creating + storing + disseminating policy -
> >we just want all of the vendor products to use the same
> >standard....
> >
> >What about using the attribute certificate
> >(http://lists.w3.org/Archives/Public/ietf-tls/msg02442.html)
> >(http://lists.w3.org/Archives/Public/ietf-tls/msg00796.html)????
> >Isn't this the "standard" for SSL security policy????
> 
> I have trouble with the direction of attribute certificates.  I will be
> spending time at DC trying to scope this out, but I have management scali=
> ng
> problems in a distributed responsibility model like I need here (you migh=
> t
> not, as the USAF is basically one command structure).

Yes, but there may be some similarities between your environment and DoD's
environment in that joint operations between the different branches must
be taken in account.

> 
> 
> 
> Robert Moskowitz
> Chrysler Corporation
> (810) 758-8212
>

Brett Chappell

Prev by Date: Re: ISAKMP gateway function
Next by Date: IPSEC document reading party!
Prev by thread: Re: ISAKMP gateway function
Next by thread: IPSEC document reading party!
Index(es):
- Main
- Thread