Michael Richardson writes:
> Tero> In section 3.2 about star topology it should be noted, that
> Tero> quite often adminstrators do require star topology because
> Tero> they want to do some kind of inspection for all traffic inside
> Tero> the vpn. This kind of policy might make it
> "Tero" == Tero Kivinen writes:
Tero> This means that we might need to add creation of temporary
Tero> credentials to the protocol.
This is an interesting question.
I think the requirements document needs to either make this in scope or
make it out of scope by requiring re-usable me
Yoav Nir writes:
> Users use passwords, but endpoints can use PSKs and certificates.
> PSKs should be pairwise, so they have to be provisioned dynamically.
> It's all part of having to create the PAD entries dynamically. If we
> anyway have to provision peer's IP address/locator and identity (DN,
>
On Mar 14, 2012, at 8:00 AM, Tero Kivinen wrote:
> In section 2.1 where there is dicsussion about the endpoint to
> endpoint vpn use case, it should be noted, that this might require
> different temporary credentials. Endpoints (especially remote access
> users) do use passwords or similar creden
In section 2.1 where there is dicsussion about the endpoint to
endpoint vpn use case, it should be noted, that this might require
different temporary credentials. Endpoints (especially remote access
users) do use passwords or similar credentials which cannot be
forwarded. I.e. if the shared secret