[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: ICIM: comment on IPsecPolicyGroup

To: "'Ricky Charlet'" <rcharlet@xxxxxxxxxxxx>, ".ipsec-policy" <ipsec-policy@xxxxxxxx>
Subject: RE: ICIM: comment on IPsecPolicyGroup
From: Jay Wack <jayw@xxxxxxxxxx>
Date: Wed, 10 Jan 2001 09:04:04 -0500
List-archive: <http://www.vpnc.org/ipsec-policy/mail-archive/>
List-id: <ipsec-policy.vpnc.org>
List-unsubscribe: <mailto:ipsec-policy-request@vpnc.org?body=unsubscribe>
Sender: owner-ipsec-policy@xxxxxxxxxxxxx

ANSI has a very broad approach X9.69 called Key Management Extensions...you
may want to take a look.

Jay Wack: CTO Tecsec  703 506 9069 x112

-----Original Message-----
From: Ricky Charlet [mailto:rcharlet@xxxxxxxxxxxx]
Sent: Tuesday, January 09, 2001 7:38 PM
To: .ipsec-policy
Subject: ICIM: comment on IPsecPolicyGroup


Howdy,

	IPsecPolciyGroup binds together an IKERule and and IPsecRule. I'd
like
to see a layer of abstraction introduced, namely a KeyManagementRule.
Then under keyManagementRule, we could use IKE for KM services if we
wanted, but we could also use kerberose, or son-of-ike or manually
entered keys, or....

-- 
  Ricky Charlet   : Redcreek Communications   : usa (510) 795-6903

Follow-Ups:
- Re: ICIM: comment on IPsecPolicyGroup
  - From: Jon Saperia

Prev by Date: ICIM: comment on IPsecPolicyGroup
Next by Date: Re: IPsecAction granularity
Previous by thread: Re: comment on IPsecPolicyGroup
Next by thread: Re: ICIM: comment on IPsecPolicyGroup
Index(es):
- Date
- Thread