[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ipsec] FW: I-D ACTION:draft-friedman-ike-short-term-certs-00.txt
On Wed, Nov 29, 2006 at 07:16:29PM +0200, Arik Friedman wrote:
> This document describes an extension to IKEv2 that allows an endpoint
> to prove to a security gateway that it was already authenticated by
> another trusted security gateway, thereby allowing the authentication
> of the endpoint without user intervention. This is accomplished
> using a Short Term Credential that the endpoint requests from the
> authenticating security gateway. This credential is a certificate
> issued by the authenticating gateway for a short period of time, and
> it can be used to authenticate the user with IKE signature based
Sounds like a ticketing system.
Sounds like Kerberos V (with PKINIT).
Sounds fairly unrelated to IKEv2 and rather specific to PKIX.
Ipsec mailing list