|
|
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
On Mon, 7 May 2012, Stephen Farrell wrote:
The draft is for TLS, but it occurs to me to ponder.. would similar approach work for IPsec IKEv2 as an alternative to verify endpoints?IPsec is in the WG charter, [1] but there's been zero energy for that so far. I believe the chairs plan to poll the WG about that kind of thing once the current spec is out the door. So, if you're interested in that, sign up to the WG list.
Related to these are RFC-4025 and draft-kivinen-ipsecme-oob-pubkey, and I do think there is a need to update the RFC to allow for the new raw pubkets in IPsec using SPKI and wrap it up in a dane like specification document, and would be willing to help. Paul