[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSL v IPSEC for management?

To: Steven Lee <slee@cygnacom.com>
Subject: Re: SSL v IPSEC for management?
From: marcvh@aventail.com (Marc VanHeyningen)
Date: Tue, 26 Jan 1999 08:05:53 -0800
cc: "Ipsec (E-mail)" <ipsec@tis.com>
In-reply-to: Your message of "Tue, 26 Jan 1999 10:48:18 EST." <51BF55C30B4FD1118B4900207812701E2A69B1@WUHER>
Sender: owner-ipsec@ex.tis.com

Steven Lee said:
> If the server certificate is not signed by one of the root CA installed
> in your browser, then you cannot authenticate.  Marc, are you assuming
> that the certificate is issued by one of the root CA? 

Um, yes; in any certificate-based system the certificates have to be issued
by someone trusted by the verifier.  I don't see how this is an SSL-specific
issue; it's just as applicable to lots of other security situations, including
IPSEC key management.

- Marc

-- 
Marc VanHeyningen                 marcvh@aventail.com
Internet Security Architect
Aventail                          http://www.aventail.com/

References:

RE: SSL v IPSEC for management?

From: Steven Lee <slee@cygnacom.com>

Prev by Date: New IPSec Monitoring MIB draft
Next by Date: RE: SSL v IPSEC for management?
Prev by thread: RE: SSL v IPSEC for management?
Next by thread: RE: SSL v IPSEC for management?
Index(es):
- Main
- Thread