Skip to main content

Secure Configuration of IPsec-Enabled Network Devices
draft-ietf-ipsec-secconf-00

Document Type Expired Internet-Draft (ipsec WG)
Expired & archived
Authors Michael StJohns , Scott G. Kelly
Last updated 1998-10-14
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Formats
Additional resources Mailing list discussion
Stream WG state WG Document
Document shepherd (None)
IESG IESG state Expired
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

Remote configuration of network devices which implement IPsec- related services is desirable as a matter of convenience and of scale. In some cases, these devices are installed on a network with no prior configuration. In such cases, secure mechanisms for bootstrap configuration are required. In this document the associated issues are examined, and a multi-tiered approach is proposed from which a specific method may be selected based upon the security requirements of the environment in which the security device exists. While the primary devices considered here are security gateways and bump-in-the-wire encryptors, many of the resulting conclusions may extend to other devices, including host IPsec implementations.

Authors

Michael StJohns
Scott G. Kelly

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)