On Mar 26, 2012, at 9:52 AM, Michael Richardson wrote:

> >>>>> "Geoffrey" == Geoffrey Huang <ghu...@juniper.net> writes:
>     Geoffrey> My initial inclination is to say that won't fly: that many
>     Geoffrey> deployments still require preshared key authentication.
>     Geoffrey> Rather, they would object to certificates because of
>     Geoffrey> perceived complexity. That said, I could see arguments
>     Geoffrey> that what we're discussing are already fairly
>     Geoffrey> sophisticated topologies, so perhaps the certificate
>     Geoffrey> allergy doesn't hold?
>
> Tero isn't proposing using certificates.
>
> Tero is proposing that the gateway/hub provides each leaf node with a
> gateway-mediated, ASN.1-encoded, scalable, asymmetric, transitive proof
> of identity. It would be used only for the leaf-to-leaf connection.
> It would be retained for a convenient period of time and then destroyed.

Not just leaf-to-leaf, but also leaf to any other node, even if it's not a real leaf. This is beginning to look a lot like Kerberos, no?

Yoav

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec