[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Policy management, COPS, and SCVP

To: ipsec@lists.tislabs.com
Subject: Policy management, COPS, and SCVP
From: "Waters, Stephen" <Stephen.Waters@cabletron.com>
Date: Thu, 15 Jul 1999 10:44:49 +0100
Sender: owner-ipsec@lists.tislabs.com


Hi,

Is anyone thinking much about policy management for IPSEC VPN clients? I've
been reading a bit about Common Open Policy Service (COPS) which seems to
offer a solution with 'dynamic' policy decisions.

One thought I had when reading it, is that the COPS server (The Policy
Decision Point - PDP), could be passed the client certificate to start the
policy look-up. This would then allow the COPS server to do the job of SCVP
as well:

1) check the certificate
2) return the appropriate policy, or reject.

Steve.

Prev by Date: RE: Timeout problems
Next by Date: starting on asking THE QUESTION
Prev by thread: RE: Timeout problems
Next by thread: starting on asking THE QUESTION
Index(es):
- Main
- Thread