[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Issue 282: PSK / cert fingerprint operation

To: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
Subject: Issue 282: PSK / cert fingerprint operation
From: Stefan Winter <stefan.winter@restena.lu>
Date: Wed, 11 Feb 2009 10:13:01 +0100
Cc: radiusext@ops.ietf.org
In-reply-to: <AC1CFD94F59A264488DC2BEC3E890DE506F645A0@xmb-sjc-225.amer.cisco.com>
References: <AC1CFD94F59A264488DC2BEC3E890DE506F645A0@xmb-sjc-225.amer.cisco.com>
User-agent: Thunderbird 2.0.0.19 (X11/20081227)

Hi,

> 6. Would RADSEC benefit from a mechanism that did not require a PKI?
> This could be achieved by specifying a certificate fingerprint or PSK
> mode of operation.  
>   

The text in 2.2 has been clarified that a TLS PSK operation mode is
allowed. Cert fingerprint as a means of validating a connection attempt
has been added as a SHOULD.

Please comment if this text can satisfactorily close this sub-issue.

Greetings,

Stefan Winter

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: Issue 282: dynamic discovery text cleanup
Next by Date: Issue 281: new (separate) draft upcoming
Previous by thread: Issue 282: dynamic discovery text cleanup
Next by thread: Issue 281: new (separate) draft upcoming
Index(es):
- Date
- Thread