Re: [fw-wiz] netscreen 25 sofaware ipsec interop
From: Ng Pheng Siong (ngps_at_netmemetic.com)
Date: 01/11/04
- Previous message: Derito, Anthony G: "[fw-wiz] Cisco PIX IDS"
- In reply to: R. DuFresne: "Re: [fw-wiz] netscreen 25 sofaware ipsec interop"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "R. DuFresne" <dufresne@sysinfo.com> Date: Sun, 11 Jan 2004 20:37:58 +0800
On Tue, Jan 06, 2004 at 10:18:54AM -0500, R. DuFresne wrote:
> how does one create a cert for a dynamic IP?
Wildcard CN, e.g.,
Subject: C=SG, O=The Net Memetic Pte Ltd,
CN=*.rulemaker.net/emailAddress=ngps@netmemetic.com
The dynamic IPs PTR back to, say, xxx.dyn-pool.example.com, and you create
certs with CN=*.dyn-pool.example.com.
Verification is entirely up to the relying application, of course.
Cheers.
-- Ng Pheng Siong <ngps@netmemetic.com> http://firewall.rulemaker.net -+- Firewall Change Management & Version Control http://sandbox.rulemaker.net/ngps -+- Open Source Python Crypto & SSL _______________________________________________ firewall-wizards mailing list firewall-wizards@honor.icsalabs.com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Derito, Anthony G: "[fw-wiz] Cisco PIX IDS"
- In reply to: R. DuFresne: "Re: [fw-wiz] netscreen 25 sofaware ipsec interop"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
