[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006
To throw 2-cents into this conversation, the SIDR WG seems to be
considering a global PKI, albeit for BGP routers and not end hosts.
(http://www3.ietf.org/proceedings/06mar/slides/sidr-1.pdf)
-Jeff
> As i understand it, the only way to make the shim6 security based on
> IPSec is to assume that a global PKI is deployed, including client
> certificates (i.e. not only server certificates) so that it
> is possible to secure any-to-any communication.
>
> From what i understand such global pki is not in place yet and it
> doesn't looks like it will be anytime soon if ever.