Hi all

With digital certificate authentication between Party A and B trying to establish an IPSec connection, the private and public keys are used as follows:

CA server Private Key - Used to encrypt the hash (signature) attached to the party's certificate.
CA server Public Key - The IPSec peer decrypts the hash using the CA public key, which it got from the CA server's root cert.
Party A Private Key - Party A encrypts the hash using its private key.
Party B Public Key - The Party sends its public key to Party B in the certificate. Party B uses the public key to decrypt the hash. Party B calculates the hash of the Party B certificate and compares it with the hash received. If the hash matches, authentication is successful.

The same happens vice versa to authenticate Party A.

Is my understanding of the purpose of the private and public keys correct? I have been working on this for a long time but am not able to get the exact picture. RFC 2409 is a very user-friendly, readable version :-)

With regards
Kings
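
An added example (not part of the original post) of the two signature checks the question is about: the CA key pair protects the certificate, and the peer's own key pair protects a hash of exchange data that both sides compute for themselves. It uses unpadded textbook RSA with constructed toy keys; `make_key`, `issue_cert`, `authenticate` and the sample data are hypothetical, and real IKE (RFC 2409) signs a prf-derived HASH_I with a padded signature.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys

def make_key(p, q):
    """Return (public, private) textbook-RSA keys built from two primes."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent (Python 3.8+)
    return (n, E), (n, d)

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private, data):
    n, d = private
    return pow(digest(data, n), d, n)  # only the private-key holder can do this

def verify(public, data, signature):
    n, e = public
    return pow(signature, e, n) == digest(data, n)  # recompute, then compare

# Constructed toy keys from Mersenne primes: insecure, for illustration only.
CA_PUB, CA_PRIV = make_key(2**521 - 1, 2**607 - 1)
A_PUB, A_PRIV = make_key(2**1279 - 1, 2**2203 - 1)

def issue_cert(subject, subject_pub):
    """CA signs the (subject, public key) binding with the CA private key."""
    body = f"{subject}|{subject_pub[0]}|{subject_pub[1]}".encode()
    return {"subject": subject, "pub": subject_pub, "sig": sign(CA_PRIV, body)}

def authenticate(cert, exchange_data, sig, trusted_ca_pub):
    """Party B's checks: the certificate first, then the peer's signature."""
    body = f"{cert['subject']}|{cert['pub'][0]}|{cert['pub'][1]}".encode()
    if not verify(trusted_ca_pub, body, cert["sig"]):
        return "bad certificate"   # key in the cert is not vouched for by the CA
    if not verify(cert["pub"], exchange_data, sig):
        return "bad signature"     # sender does not hold the matching private key
    return "authenticated"

CERT_A = issue_cert("party-a.example", A_PUB)       # constructed identity
EXCHANGE = b"constructed stand-in for the negotiated exchange data"
SIG_A = sign(A_PRIV, EXCHANGE)                      # Party A signs with its private key
```
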
