[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: I-D ACTION:draft-ietf-ipsec-pki-req-03.txt
At 04:35 PM 10/25/99 -0700, Brian Korver wrote:
>Why require that extendedKeyUsage be mandatory at all?
To identify the cert as being for IKE. I've been told that today's IKE
systems use this OID as identification. I believe we should have *one* OID
for all IKE implementations, and not try to slice and dice between "client"
and "gateway" and so on.
Are there any IPsec implementations using the IPsec OIDs specified in RFC
2459? Are there any implementations that require the use of other OIDs,
like IKEend (1.3.6.1.5.5.8.2.1)?
--Paul Hoffman, Director
--VPN Consortium
Follow-Ups:
References: