[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-ipsec-pki-profile-01.txt

To: "Housley, Russ" <rhousley@rsasecurity.com>, Brian Korver <briank@xythos.com>
Subject: Re: draft-ietf-ipsec-pki-profile-01.txt
From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Date: Wed, 13 Nov 2002 17:30:55 -0500
Cc: ipsec@lists.tislabs.com
In-Reply-To: <5.1.0.14.2.20021113114325.03433cf0@exna07.securitydynamics.com>
References: <5.1.0.14.2.20021110124741.020c4858@exna07.securitydynamics.com><5.1.0.14.2.20021113114325.03433cf0@exna07.securitydynamics.com>
Sender: owner-ipsec@lists.tislabs.com

At 11:44 AM -0500 11/13/02, Housley, Russ wrote:
>Brian:
>
>>>In section 4.1.3.13, you say that no IPsec extended key usage 
>>>values have been registered.  This is incorrect.  Three extended 
>>>key usage values for use with IPsec have been registered.  Do you 
>>>propose to deprecate their use?
>>>
>>>    id-kp-ipsecEndSystem         OBJECT IDENTIFIER ::= { id-kp 5 }
>>>    id-kp-ipsecTunnel            OBJECT IDENTIFIER ::= { id-kp 6 }
>>>    id-kp-ipsecUser              OBJECT IDENTIFIER ::= { id-kp 7 }
>>
>>What spec do these appear in?
>
>I do not know.  I was asked to register them many years ago.  If 
>they are not being used, we should mark them as obsolete in the 
>registry.

I *think* they first appeared in the now-dead IPsec PKI document of 
which I became an editor in later days. I have been told that some 
implementations use them.

--Paul Hoffman, Director
--VPN Consortium

References:
- draft-ietf-ipsec-pki-profile-01.txt
  - From: "Housley, Russ" <rhousley@rsasecurity.com>
- Re: draft-ietf-ipsec-pki-profile-01.txt
  - From: "Housley, Russ" <rhousley@rsasecurity.com>

Prev by Date: Re: Adding revised identities to IKEv2
Next by Date: RFC2407: ID Payload Field ("DOI Specific ID Data")
Prev by thread: Re: draft-ietf-ipsec-pki-profile-01.txt
Next by thread: Re: draft-ietf-ipsec-pki-profile-01.txt
Index(es):
- Date
- Thread