[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ipsec] FW: I-D ACTION:draft-friedman-ike-short-term-certs-00.txt

To: Arik Friedman <arikf@xxxxxxxxxxxxxxxxx>
Subject: Re: [Ipsec] FW: I-D ACTION:draft-friedman-ike-short-term-certs-00.txt
From: Nicolas Williams <Nicolas.Williams@xxxxxxx>
Date: Sun, 3 Dec 2006 23:13:07 -0600
Cc: ipsec@xxxxxxxx
In-reply-to: <0J9I004QA59AFAC0@xxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:ipsec-request@ietf.org?subject=help>
List-id: IP Security <ipsec.ietf.org>
List-post: <mailto:ipsec@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
Mail-followup-to: Arik Friedman <arikf@xxxxxxxxxxxxxxxxx>, ipsec@xxxxxxxx
References: <0J9I004QA59AFAC0@xxxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-ipsec@xxxxxxxxxxxxx
User-agent: Mutt/1.5.7i

On Wed, Nov 29, 2006 at 07:16:29PM +0200, Arik Friedman wrote:
>    This document describes an extension to IKEv2 that allows an endpoint
>    to prove to a security gateway that it was already authenticated by
>    another trusted security gateway, thereby allowing the authentication
>    of the endpoint without user intervention.  This is accomplished
>    using a Short Term Credential that the endpoint requests from the
>    authenticating security gateway.  This credential is a certificate
>    issued by the authenticating gateway for a short period of time, and
>    it can be used to authenticate the user with IKE signature based
>    authentication.

Sounds like a ticketing system.

Sounds like Kerberos V (with PKINIT).

Sounds fairly unrelated to IKEv2 and rather specific to PKIX.

Nico
-- 

_______________________________________________
Ipsec mailing list
Ipsec@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ipsec

Follow-Ups:
- Re: [Ipsec] FW: I-D ACTION:draft-friedman-ike-short-term-certs-00.txt
  - From: Ariel Shaqed (Scolnicov)

References:
- [Ipsec] FW: I-D ACTION:draft-friedman-ike-short-term-certs-00.txt
  - From: Arik Friedman

Prev by Date: Best Proposal: Part-Time Job [Sun, 03 Dec 2006 22:18:45 -0500]
Next by Date: Incredible prices
Previous by thread: RE: [Ipsec] FW: I-D ACTION:draft-friedman-ike-short-term-certs-00.txt
Next by thread: Re: [Ipsec] FW: I-D ACTION:draft-friedman-ike-short-term-certs-00.txt
Index(es):
- Date
- Thread