- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Tue, 22 Nov 2005 08:29:28 +0000
- To: "Vicente D. Guardiola Buitrago" <vicentedavid81@yahoo.es>
- CC: www-xkms@w3.org
I guess you could either define a new UseKeyWith for a VPN g/w (is this really for tunnel mode g/w? there aren't really any clients/servers for IPsec are there.) Or, just configure different service URLs the responder, so that requests to one use profile A, whereas requests to the other use profile B. 2nd one should be easier I guess, so long as the same entity isn't playing both IPsec "roles" at different times. S. Vicente D. Guardiola Buitrago wrote: > > Hello, > > I'm implementing a XKMS Server and I've a doubt. > > My underlying PKI is based on X.509 Certificate, and the problem raises > when I have to check the KeyUsage and UseKeyWith for the requested Key > binding in the found certificates. For instance, let be a Request with a > UseKeyWith for IPSEC with IP A.B.C.D and KeyUsage Signature and > Excryption. This is a typical request, but in X.509 Certificate I need > to know if the certificate is going to be used in a Client or a Server, > because the necessary extensions are different in either situation. > > Then, the question is, how can I determine if a request is for a Client > or a Server? > > Thanks, > > Vicente Guardiola > University of Murcia (Spain) > > > ______________________________________________ Renovamos el Correo > Yahoo! Nuevos servicios, más seguridad http://correo.yahoo.es > > >
Received on Tuesday, 22 November 2005 08:30:32 UTC