[IPsec] Certificate-related issues
Yaron Sheffer <yaronf@checkpoint.com> Thu, 29 October 2009 23:17 UTC
Return-Path: <yaronf@checkpoint.com>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A92713A690D for <ipsec@core3.amsl.com>; Thu, 29 Oct 2009 16:17:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.699
X-Spam-Level:
X-Spam-Status: No, score=-3.699 tagged_above=-999 required=5 tests=[AWL=-0.101, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id atP40mSS4IkS for <ipsec@core3.amsl.com>; Thu, 29 Oct 2009 16:17:35 -0700 (PDT)
Received: from michael.checkpoint.com (michael.checkpoint.com [194.29.32.68]) by core3.amsl.com (Postfix) with ESMTP id 87C843A6781 for <ipsec@ietf.org>; Thu, 29 Oct 2009 16:17:34 -0700 (PDT)
Received: from il-ex01.ad.checkpoint.com (localhost [127.0.0.1]) by michael.checkpoint.com (8.12.10+Sun/8.12.10) with ESMTP id n9TNHnhu019978 for <ipsec@ietf.org>; Fri, 30 Oct 2009 01:17:49 +0200 (IST)
Received: from il-ex01.ad.checkpoint.com ([126.0.0.2]) by il-ex01.ad.checkpoint.com ([126.0.0.2]) with mapi; Fri, 30 Oct 2009 01:17:51 +0200
From: Yaron Sheffer <yaronf@checkpoint.com>
To: IPsecme WG <ipsec@ietf.org>
Date: Fri, 30 Oct 2009 01:17:50 +0200
Thread-Topic: Certificate-related issues
Thread-Index: AcpY7GFXOJkiwsjfT7yL/JuU0JiZsg==
Message-ID: <7F9A6D26EB51614FBF9F81C0DA4CFEC801BDA1213EA7@il-ex01.ad.checkpoint.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_7F9A6D26EB51614FBF9F81C0DA4CFEC801BDA1213EA7ilex01adche_"
MIME-Version: 1.0
Subject: [IPsec] Certificate-related issues
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Oct 2009 23:17:37 -0000
Hi,
I will follow this message with 5 IKEv2-bis issues, all related to certificate handling in IKEv2. Note that these are not "PKIX issues", none of them has anything to do with the internal format of the certificate. They all have to do with the somewhat underspecified interaction of IKEv2 with certificates.
We will present these issues in Hiroshima. I am posting the issues here to encourage on-list discussion before (and after) the meeting.
Thanks,
Yaron
- [IPsec] Certificate-related issues Yaron Sheffer