RFC 4809:Requirements for an IPsec Certificate Man...
RFC-Ref

A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - Q - R - S - T - U - V - W - X

profile

Click on the red underlined text to get to the source

1. Introduction
... These requirements are intended to be used to profile a certificate management protocol that the VPN System will use to communicate with ...
... VPN System will use to communicate with the PKI System. Note that this profile will be in another document. The certificate management ...
... The certificate management profile will also clarify and constrain existing PKIX (PKI ...
... The desired outcome of the requirements and profile documents is that both IPsec and PKI ...
... the certificate management profile with any conforming PKI vendor's ...


2. Architecture
... certificate management profile. Requirements for [I] transactions ...


3. Requirements
... The target profile, to be based on this requirements document, MUST call for ONE PROTOCOL or ONE USE PROFILE ...
... profile, to be based on this requirements document, MUST call for ONE PROTOCOL or ONE USE PROFILE for each main element of the [A], [E], [L], and [R] interactions. In order to reduce complexity ...
... and improve interoperability, having multiple competing protocols or profiles to solve the same requirement should be avoided whenever possible. ...
... target certificate management profile MUST specify the [A], [E], [L], and [R] transactions between VPN ...
... target certificate management profile will not specify [G] transactions. However, these transactions ...
... PKC Profile for PKI Interaction ...
... It is preferable that the PKC profiles for IPsec transactions ...
... certificate management profile) are the same so that one PKC could be used for both transaction ...
... PKC could be used for both transaction sets. If the profiles are inconsistent, then different PKCs (and perhaps different processing requirements ...
... be required. However, the authors urge that progress continue on other aspects of this standardization effort regardless of the status of efforts to achieve PKC profile consensus. ...
... certificate management profile. Bulk authorization occurs when the Admin requests of the PKI ...
... IPsec products. The profile will clarify what happens if the request and retrieval fails for some reason. The following cases MUST be covered: ...
... details). The profile MUST identify the one protocol or transaction within a protocol to be used for both Peer and Admin initiated revocations ...
... revocations. The profile MUST identify the size of CRL the client will be prepared ...
... IKE is a stated non-goal of the profile at this time. ...
... 3280prop. The contents necessary in the PKC to allow this will be enumerated in the profile document. ...
... deactivation should be layered into the VPN deployment. Such a second mechanism is out of the scope of this profile. (Examples are Xauth, L2TP's authentication ...


4. Security Considerations
... security considerations per se. However, the intent of the PKI4IPSEC WG was to profile and use concrete protocols for certificate management ...


5. References
... Certificate and Certificate Revocation List (CRL) Profile", RFC 3280prop, April 2002. ...
... Korver, B., "The Internet IP Security PKI Profile of IKEv1/ISAKMP, IKEv2 ...

A - B - C - D - E - F - G - H - I - K - L - M - N - O - P - Q - R - S - T - U - V - W - X

Google
Web
RFC-Ref
RFC-Ref.org
Frontpage
Global Index
RFC
Sister Sites
Chess-Ref.org
Law-Ref.org
InChI.info
Zvon.org