[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ISAKMP and SSL



At 3:49 PM -0700 4/30/03, Mark Baugher wrote:
>At 05:40 PM 4/30/2003 -0400, Stephen Kent wrote:
>>At 7:50 PM +0200 4/30/03, Ibrahim wrote:
>>>Hi all,
>>>When I read RFC 2408 they described ISAKMP as a generic key management
>>>protocol for all security protocols but till now the large deployment of
>>>ISAKMP was only with IPSEC
>>>My question is, can we use it with SSL/TLS?
>>>The goal of this issue is to add new services in SSL/TLS (identity
>>>protection, attribute certificate passing for access control schemes,
>>>non-repudiation…).
>>>Thank you in advance
>>>Ibrahim
>>
>>SSL/TLS has its own, tightly couple key management protocol, so it 
>>would not be appropriate to try to use ISAKMP.
>
>I think the confusion comes from the fact that the ISAKMP RFC says 
>it could be applied to TLS.
>
>Mark

It lied :-)

Steve