[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Public Key Encryption Authentication

To: "Kim Edwards" <kimed@nortelnetworks.com>
Subject: Public Key Encryption Authentication
From: Tero Kivinen <kivinen@ssh.fi>
Date: Thu, 18 Nov 1999 23:37:54 +0200 (EET)
Cc: ipsec@lists.tislabs.com
In-Reply-To: <199911181511.KAA04134@lists.tislabs.com>
Organization: SSH Communications Security Oy
References: <199911181511.KAA04134@lists.tislabs.com>
Sender: owner-ipsec@lists.tislabs.com

Kim Edwards writes:
> Is anyone using this authentication method in their implementations?

Yes. We are supporting it. Also our test-site (isakmp-test.ssh.fi)
supports it. 

> Assuming you are using RSA public keys, what key format does your
> interface accept?

Normally we use normal X.509 certificates.

> Do you enter the raw RSA key ( i.e. public modulus n with the public
> exponent e concatenated ) in hex format? Or do you enter the RSA key
> encoded with ASN.1?

We have some tools to process different kind of public key formats,
and creating something new to import keys in different format is quite
easy.

If you are testing with the test-site, you must send your public key
before it is needed inside the IKE CERT payloads (X.509 certificate).
-- 
kivinen@iki.fi                               Work : +358-9-4354 3218
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/

Follow-Ups:

Re: Public Key Encryption Authentication

From: "Kim Edwards" <kimed@nortelnetworks.com>

References:

Public Key Encryption Authentication

From: "Kim Edwards" <kimed@nortelnetworks.com>

Prev by Date: RE: Phase 1 Re-keying Implementation Identification
Next by Date: RE: Phase 1 Re-keying Implementation Identification
Prev by thread: Re: Public Key Encryption Authentication
Next by thread: Re: Public Key Encryption Authentication
Index(es):
- Main
- Thread