[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: draft-ietf-ipsec-pki-profile-01.txt
At 11:44 AM -0500 11/13/02, Housley, Russ wrote:
>Brian:
>
>>>In section 4.1.3.13, you say that no IPsec extended key usage
>>>values have been registered. This is incorrect. Three extended
>>>key usage values for use with IPsec have been registered. Do you
>>>propose to deprecate their use?
>>>
>>> id-kp-ipsecEndSystem OBJECT IDENTIFIER ::= { id-kp 5 }
>>> id-kp-ipsecTunnel OBJECT IDENTIFIER ::= { id-kp 6 }
>>> id-kp-ipsecUser OBJECT IDENTIFIER ::= { id-kp 7 }
>>
>>What spec do these appear in?
>
>I do not know. I was asked to register them many years ago. If
>they are not being used, we should mark them as obsolete in the
>registry.
I *think* they first appeared in the now-dead IPsec PKI document of
which I became an editor in later days. I have been told that some
implementations use them.
--Paul Hoffman, Director
--VPN Consortium