[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SSL v IPSEC for management?
Steven Lee said:
> If the server certificate is not signed by one of the root CA installed
> in your browser, then you cannot authenticate. Marc, are you assuming
> that the certificate is issued by one of the root CA?
Um, yes; in any certificate-based system the certificates have to be issued
by someone trusted by the verifier. I don't see how this is an SSL-specific
issue; it's just as applicable to lots of other security situations, including
IPSEC key management.
- Marc
--
Marc VanHeyningen marcvh@aventail.com
Internet Security Architect
Aventail http://www.aventail.com/
References: