[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Confirm decision on identity handling.



Hi David,

comments inline...

> -----Original Message-----
> From: David Wierbowski [mailto:wierbows@us.ibm.com]
> Sent: Wednesday, April 30, 2003 2:40 PM
> To: ipsec@lists.tislabs.com
> Subject: Re: Confirm decision on identity handling.
> 
> I agree.  I  think it is safer to trust an identify contained within a
> certificate than it is to trust an identity sent in a payload.

The identity payload is authenticated via the cert
in the case we were discussing.  How is this unsafe?

> 
> If I understand this thread correctly the expectation is that 
> I should make
> a policy decision based solely on an identify payload and I 
> should use the
> certificate as a credential only.  

What I proposed was that the a new ID payload could explicitly
state that the identity is in the cert, so it would not be solely
used as a credential.

> What ties the identify to the
> credential?

The auth payload.

> Do I have to now configure a mapping of 
> acceptable policies to
> identities and a list of credentials that I trust to send me a valid
> identity payload?

You may.  If you are mapping all credentials that you trust to
a single policy, you can ignore the identities.  Your choice.
In any case, you configure your trust of credentials in some way.

> 
> I do not understand what interoperability issues result by 
> requiring the
> identity to be contained within the cert.

None that I can see.  Current (v1) interoperability issues
are mainly from the ID-to-cert mapping.

> Isn't the 
> verification of one's
> identity a reason for using certificates in general?
> 
> Dave Wierbowski

Regards,

Jim