Hן Mike
On Dec 22, 2011, at 3:16 AM, Mike Sullenberger wrote:
Everyone,
I noticed that in the four vendor presentations in the P2P VPN - side
meeting in TAIPEI that none of vendors chose to extend or augment IKE/IPsec
to solve this class of problems. This is not to say that vendors haven't
Hello,
The basic IKEv2 cert auth mechanism for RSA (from RFC 5996) seems to be to hash
using SHA-1 before signing.
However when using ECDSA certs for IKEv2 I am trying to make sure I am reading
RFC 4754 correctly when it says the following:
Moreover, ECDSA cannot be specified for IKEv2
On Dec 22, 2011, at 9:07 PM, Gaurav Poothia wrote:
Hello,
The basic IKEv2 cert auth mechanism for RSA (from RFC 5996) seems to be to hash
using SHA-1 before signing.
However when using ECDSA certs for IKEv2 I am trying to make sure I am reading
RFC 4754 correctly when it says the following:
Thanks Yoav!
From: Yoav Nir [mailto:y...@checkpoint.com]
Sent: Thursday, December 22, 2011 1:35 PM
To: Gaurav Poothia
Cc: ipsec@ietf.org; Brian Swander
Subject: Re: [IPsec] Question about ECDSA cert usage for IKEv2 auth
On Dec 22, 2011, at 9:07 PM, Gaurav Poothia wrote:
Hello,
The basic IKEv2