[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: ISAKMP Query

To: ipsec@tis.com, "'Jesse Walker'" <jwalker@shiva.com>
Subject: RE: ISAKMP Query
From: Greg Carter <greg.carter@entrust.com>
Date: Mon, 18 Jan 1999 08:33:37 -0500
Sender: owner-ipsec@ex.tis.com

It is the binary ASN.1 DER encoding of the DN of the CA.  Not the entire
certificate.
Bye.
----
Greg Carter, Entrust Technologies
greg.carter@entrust.com


> ----------
> From: 	Jesse Walker[SMTP:jwalker@shiva.com]
> Sent: 	Friday, January 15, 1999 3:50 PM
> To: 	ipsec@tis.com
> Subject: 	ISAKMP Query
> 
> 
> There is no definition of what the "Distinguished Name encoding" might be
> in this or any of the other ISAKMP-related RFCs. RFC 2407 does give an
> encoding for distinguished names, but only in the context of the ID
> payload. Further, the cisco reference implementation seems to include the
> entire certificate of the CA, using the encodings defined for a
> Certificate
> Request. The discussion at PKI night at the Binghamton Bakeoff also
> pointed
> to encoding the entire CA certificate into the payload and not less. But
> the RFC does not say to use the CA's certificate.
> 
> What is the correct interpretation of this text?
> 
>

Prev by Date: ISAKMP Query
Next by Date: Q about SA bundles
Prev by thread: ISAKMP Query
Next by thread: Q about SA bundles
Index(es):
- Main
- Thread