[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Simplifying IKE

To: "'Steve.Robinson@psti.com'" <Steve.Robinson@psti.com>, Sandy Harris <sandy@storm.ca>
Subject: RE: Simplifying IKE
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
Date: Wed, 8 Aug 2001 07:41:38 -0700
Cc: ipsec@lists.tislabs.com, owner-ipsec@lists.tislabs.com
Sender: owner-ipsec@lists.tislabs.com

> STEVE:  I agree with you on this, but in practice, unless a 
> PKI standard is
> settled on, my boss is not going to approve of me implementing a
> proprietary solution unless a consensus is reached in the 
> IPsec community
> first.  My gut feeling is that it isn't gonna happen unless 
> the work at the
> NIST on PKI suddenly becomes accepted as a standard.

Why not simply plug into XKMS?

All IPSEC cares about is the delivery of authenticated, validated
keys. It should not need to know if the PKI is based on X509/PKIX,
PGP, SPKI or YAPKI.

	Phill

Phillip

Follow-Ups:

RE: Simplifying IKE

From: Stephen Kent <kent@bbn.com>

Prev by Date: RE: IKE must have no Heirs
Next by Date: Re: Simplifying IKE
Prev by thread: Re: Simplifying IKE
Next by thread: RE: Simplifying IKE
Index(es):
- Main
- Thread