Re: two CA certificates for IPSec or something...
From: Brian Komar [MVP] (bkomar_at_nospam.identit.ca)
Date: 09/17/05
- Next message: Ray: "Certificate Service"
- Previous message: Ondrej Sevecek: "Re: two CA certificates for IPSec or something..."
- In reply to: Ondrej Sevecek: "Re: two CA certificates for IPSec or something..."
- Next in thread: Ondrej Sevecek: "Re: two CA certificates for IPSec or something..."
- Reply: Ondrej Sevecek: "Re: two CA certificates for IPSec or something..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 17 Sep 2005 16:44:41 -0500
In article <e5oRO35uFHA.1560@TK2MSFTNGP09.phx.gbl>, "Ondrej Sevecek"
<ondra at my_surname dot com> says...
> > You could use two certificate templates to accomplish this, but if you
> > are applying different IPSec filters, the authentication can only
> > indicate *which* root CA the chain is rooted.
>
> .... and when I would use two templates, how to distinguish them in the
> filter rules?
>
>
> O.
>
>
>
>
This is the issue, the certificate templates would still chain to CAs
that chain to the same root.
Is there any other criteria that you could use, other than the
authentication to isolate?
Brian
- Next message: Ray: "Certificate Service"
- Previous message: Ondrej Sevecek: "Re: two CA certificates for IPSec or something..."
- In reply to: Ondrej Sevecek: "Re: two CA certificates for IPSec or something..."
- Next in thread: Ondrej Sevecek: "Re: two CA certificates for IPSec or something..."
- Reply: Ondrej Sevecek: "Re: two CA certificates for IPSec or something..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
