[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Ipsec] certificate encoding type in IKEv2
Hi all,
In draft-ietf-ipsec-ikev2-14.txt,
section 3.6 following certificate encoding types are defined:
PKCS #7
wrapped X.509 certificate 1
PGP
Certificate
2
DNS Signed
Key
3
X.509
Certificate - Signature 4
Kerberos
Token
6
Certificate
Revocation List (CRL) 7
Authority
Revocation List (ARL) 8
SPKI
Certificate
9
X.509
Certificate - Attribute 10
Raw RSA
Key
11
Hash and URL
of X.509 certificate 12
Hash and URL
of X.509 bundle 13
I would like to what is MUST in above defined types.
In IKEv2, it is X.509 certificate-signature.
I would also like to know what is cert bundle which is defined in page
58.
Is it related to certificate chain??
How can we use certificate chains in IKEv2??
Many thanks in advance,
Jyothi
_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec