[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ISAKMP and SSL

To: Mark Baugher <mbaugher@xxxxxxxxx>
Subject: Re: ISAKMP and SSL
From: Stephen Kent <kent@xxxxxxx>
Date: Fri, 2 May 2003 09:37:34 -0400
Cc: ipsec@xxxxxxxxxxxxxxxxx
In-reply-to: <>
References: <> <> <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

At 3:49 PM -0700 4/30/03, Mark Baugher wrote:

At 05:40 PM 4/30/2003 -0400, Stephen Kent wrote:
At 7:50 PM +0200 4/30/03, Ibrahim wrote:
Hi all,
When I read RFC 2408 they described ISAKMP as a generic key management
protocol for all security protocols but till now the large deployment of
ISAKMP was only with IPSEC
My question is, can we use it with SSL/TLS?
The goal of this issue is to add new services in SSL/TLS (identity
protection, attribute certificate passing for access control schemes,
non-repudiation…).
Thank you in advance
Ibrahim
SSL/TLS has its own, tightly couple key management protocol, so it would not be appropriate to try to use ISAKMP.
I think the confusion comes from the fact that the ISAKMP RFC says it could be applied to TLS.

Mark

It lied :-)

Steve

References:
- ISAKMP and SSL
  - From: Ibrahim
- Re: ISAKMP and SSL
  - From: Mark Baugher

Prev by Date: RE: IPSec Passthrough
Next by Date: Re: Question on inbound IPSEC policy check
Previous by thread: Re: ISAKMP and SSL
Next by thread: Re: ISAKMP and SSL
Index(es):
- Date
- Thread