Short-Term Certificates
draft-friedman-ike-short-term-certs-02
| Document | Type | Expired Internet-Draft (individual) | |
|---|---|---|---|
| Author | Arik Friedman | ||
| Last updated | 2007-06-21 (Latest revision 2006-12-27) | ||
| Stream | (None) | ||
| Formats |
Expired & archived
plain text
htmlized
pdfized
bibtex
|
||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
https://www.ietf.org/archive/id/draft-friedman-ike-short-term-certs-02.txt
Abstract
This document describes an extension to IKEv2 that allows an endpoint which has authenticated to a gateway to request a short-term credential, possession of which proves the authentication. This allows it to prove to a security gateway that it was already authenticated by another trusted security gateway, thereby allowing the authentication of the endpoint without user intervention. This credential is a certificate issued by the authenticating gateway for a short period of time, which can be used to authenticate the user with IKE signature based authentication.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)