Presentation is loading. Please wait.

Presentation is loading. Please wait.

Draft-dploy-requirements-00 Overview: draft-dploy-requirements-00 Gregory M Lebovitz pki4ipsec BOF.

Published byClaude Jacobs Modified over 8 years ago

Similar presentations

Presentation on theme: "Draft-dploy-requirements-00 Overview: draft-dploy-requirements-00 Gregory M Lebovitz pki4ipsec BOF."— Presentation transcript:

1 draft-dploy-requirements-00 Overview: draft-dploy-requirements-00 Gregory M Lebovitz Gregory@netscreen.com pki4ipsec BOF

2 draft-dploy-requirements-00 What is Project Dploy? initiated by IPsec product developers (11 helped draft req’s doc); Consortium birthed to work better with PKI vendors to create interoperable tools to enable large- scale, PKI-enabled VPN deployments www.projectdploy.com Projectdploy@postal.icsalabs.com

3 draft-dploy-requirements-00 Dploy’s Output A business case document A thorough requirements document, with consensus of 11 IPsec vpn vendors.

4 draft-dploy-requirements-00 Requirements Document One Protocol for certificate management – CMC was chosen Certificate Authorization – Bulk authorizations Key generation and cert request construction Enrollment – Three methods, type Certificate renewals and changes

5 draft-dploy-requirements-00 … Req’s Document (cont…) Certificate profile for use in IPsec –Identity Usage –Chaining –Key/Extended Key usage –Pointer to revocation checking Finding Certs in Repositories Revocation Action/Checking/Status Info Statistics/Monitoring/Troubleshooting/Error handling Intra-IKE Considerations

6 draft-dploy-requirements-00 Status Nov 2001 – effort championed and began July 2002 – Requirements completed –Asked PKI vendors to review and begin heavy participation –Less than enthusiastic reply Effort stalled; specification effort never undertaken

Download ppt "Draft-dploy-requirements-00 Overview: draft-dploy-requirements-00 Gregory M Lebovitz pki4ipsec BOF."

Similar presentations

Universal Electronic Signatures Tarvi Martens ESTONIA.

Universal Electronic Signatures Tarvi Martens ESTONIA.
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Practical Digital Signature Issues. Paving the way and new opportunities. www.oasis-open.org Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.

Practical Digital Signature Issues. Paving the way and new opportunities. Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.
MyProxy: A Multi-Purpose Grid Authentication Service

MyProxy: A Multi-Purpose Grid Authentication Service
(n)Code Solutions A division of GNFC

(n)Code Solutions A division of GNFC
RPKI Certificate Policy Stephen Kent, Derrick Kong, Ronald Watro, Karen Seo July 21, 2010.

RPKI Certificate Policy Stephen Kent, Derrick Kong, Ronald Watro, Karen Seo July 21, 2010.
Deploying and Managing Active Directory Certificate Services

Deploying and Managing Active Directory Certificate Services
Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.

Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Report on Attribute Certificates By Ganesh Godavari.

Report on Attribute Certificates By Ganesh Godavari.
Overview of proposed EAP methods, credential types, and uses Pasi Eronen IETF64 EMU BoF November 10 th, 2005.

Overview of proposed EAP methods, credential types, and uses Pasi Eronen IETF64 EMU BoF November 10 th, 2005.
PKIF TWG Report 29 June 2000 Mark Davis Andrew Nash et al.

PKIF TWG Report 29 June 2000 Mark Davis Andrew Nash et al.
Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.

Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.
Resource PKI: Certificate Policy & Certification Practice Statement Dr. Stephen Kent Chief Scientist - Information Security.

Resource PKI: Certificate Policy & Certification Practice Statement Dr. Stephen Kent Chief Scientist - Information Security.
Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer

Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer
Status report for draft-ietf-ipsec-pki-profile Paul Hoffman, Director VPN Consortium for Brian Korver

Status report for draft-ietf-ipsec-pki-profile Paul Hoffman, Director VPN Consortium for Brian Korver
2/29/2004Profile-04 open issues draft-ietf-ipsec-pki-profile-04.txt (Potentially) Open Issues Gregory M Lebovitz

2/29/2004Profile-04 open issues draft-ietf-ipsec-pki-profile-04.txt (Potentially) Open Issues Gregory M Lebovitz
13 Sept 00 Token Interoperability and Portability Project status report John Hughes Montreal - 14 September 00.

13 Sept 00 Token Interoperability and Portability Project status report John Hughes Montreal - 14 September 00.
Obstacles to PKI Deployment and Usage – Conclusions Relevant to pki4ipsec Steve Hanna, Co-chair, OASIS PKI TC.

Obstacles to PKI Deployment and Usage – Conclusions Relevant to pki4ipsec Steve Hanna, Co-chair, OASIS PKI TC.

Similar presentations

Ads by Google