Re: Identity Checking in Application Protocols

To: Peter Saint-Andre <stpeter at stpeter.im>
Subject: Re: Identity Checking in Application Protocols
From: "Vijay K. Gurbani" <vkg at alcatel-lucent.com>
Date: Wed, 28 Oct 2009 15:53:35 -0500
Cc: apps-discuss at ietf.org
Delivered-to: apps-discuss at core3.amsl.com
In-reply-to: <4AE8ADE6.7030803 at stpeter.im>
List-archive: <http://www.ietf.org/mail-archive/web/apps-discuss>
List-help: <mailto:apps-discuss-request@ietf.org?subject=help>
List-id: General discussion of application-layer protocols <apps-discuss.ietf.org>
List-post: <mailto:apps-discuss@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/apps-discuss>, <mailto:apps-discuss-request@ietf.org?subject=unsubscribe>
Organization: Bell Labs Security Technology Research Group
References: <4AE62AB7.8080607 at stpeter.im> <4AE6CB4E.9030701 at isode.com> <4AE76608.6030607 at stpeter.im> <02d901ca57f3$46023660$0601a8c0 at allison> <4AE8ADE6.7030803 at stpeter.im>
User-agent: Thunderbird 2.0.0.6 (Windows/20070728)

Peter Saint-Andre wrote:

A server may support more than one client and so may be configured
with more than one reference identity and use any or all of them in acomparison with what is received in an X.509 certificate eg with SIP,Netconf, syslog,
That's an interesting perspective.


An approach that we took in SIP for the server to authenticate
clients is documented in Section 7.4 of ietf-sip-domain-certs
(http://tools.ietf.org/html/draft-ietf-sip-domain-certs-04#section-7.4).

Thanks,

- vijay
--
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60566 (USA)
Email: vkg at {alcatel-lucent.com,bell-labs.com,acm.org}
Web:   http://ect.bell-labs.com/who/vkg/

References:
- Identity Checking in Application Protocols
  - From: Peter Saint-Andre
- Re: Identity Checking in Application Protocols
  - From: Alexey Melnikov
- Re: Identity Checking in Application Protocols
  - From: Peter Saint-Andre
- Re: Identity Checking in Application Protocols
  - From: tom.petch
- Re: Identity Checking in Application Protocols
  - From: Peter Saint-Andre

Prev by Date: Re: Identity Checking in Application Protocols
Next by Date: Re: draft-nottingham-site-meta: registration too slow, opaque
Previous by thread: Re: Identity Checking in Application Protocols
Next by thread: Re: Identity Checking in Application Protocols
Index(es):
- Date
- Thread

Re: Identity Checking in Application Protocols

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.