[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Query on draft-ietf-ipsec-pki-req-03.txt

To: "'Walker, Jesse'" <jesse.walker@intel.com>, "'ipsec@lists.tislabs.com'" <ipsec@lists.tislabs.com>
Subject: RE: Query on draft-ietf-ipsec-pki-req-03.txt
From: Greg Carter <greg.carter@entrust.com>
Date: Tue, 19 Oct 1999 12:33:19 -0400
Sender: owner-ipsec@lists.tislabs.com

Hi Jesse,

Yes if you receive a certificate request with type CRL then you should send
the CRL that your certificate would be put on were it to be revoked (follow?
:) ).  Many implementations are doing this.  Of course this requires that at
least one end of the negotiation has access to the CRL repository.
Bye.

Greg Carter
Entrust Technologies - http://www.entrust.com
http://www.ford-trucks.com/articles/buildup/dana60.html


-----Original Message-----
From: Walker, Jesse [mailto:jesse.walker@intel.com]
Sent: Tuesday, October 19, 1999 10:56 AM
To: 'ipsec@lists.tislabs.com'
Subject: Query on draft-ietf-ipsec-pki-req-03.txt


or the security gateway's cert gets validated. Maybe we need to require
implementations to send the latest CRL known to them during the IKE phase 1
negotiation?

Prev by Date: RE: I-D ACTION:draft-ietf-ipsec-pki-req-03.txt
Next by Date: RE: I-D ACTION:draft-ietf-ipsec-pki-req-03.txt
Prev by thread: Re: Query on draft-ietf-ipsec-pki-req-03.txt
Next by thread: RE: Query on draft-ietf-ipsec-pki-req-03.txt
Index(es):
- Main
- Thread