pki4ipse-3----Page:6
1 2 3 4 5 6 7 8 9 10
|
“Big” Issues (2) Need to determine the relationship between IKE certificates, and certificates for ongoing cert management use. Do we use a different cert (or set of certs) for CM than the cert (or set of certs) that we use for IPSEC? Don't think you can necessarily keep these from being different Suggest that we require that the CM profile not preclude use of the same certs as the IKE cert profile. Clause 3.2.3.3 specifies that CDP MUST be included and MUST specify the access method. Need to agree what the MUST support access method should be. Options are HTTP and LDAP. Text presently makes HTTP the MUST support method. |