[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Simplifying IKE
> STEVE: I agree with you on this, but in practice, unless a
> PKI standard is
> settled on, my boss is not going to approve of me implementing a
> proprietary solution unless a consensus is reached in the
> IPsec community
> first. My gut feeling is that it isn't gonna happen unless
> the work at the
> NIST on PKI suddenly becomes accepted as a standard.
Why not simply plug into XKMS?
All IPSEC cares about is the delivery of authenticated, validated
keys. It should not need to know if the PKI is based on X509/PKIX,
PGP, SPKI or YAPKI.
Phill
Phillip
Follow-Ups: