Re: [IPsec] Proposed work item: Labelled IPsec

[Sean Turner]

Nicolas Williams wrote:
...snip...
 - A separate I-D for adding labeling information to certificates.

Are you suggesting that you'd label a certificate?  I suspect what 
you're talking about is including what labels a user/device supports and 
the clearance attribute in the RFC 3281 update 
(http://tools.ietf.org/html/draft-ietf-pkix-3281update-05) is defined 
for just such a purpose.

spt
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec