Hello Andreas, thank you very much for your help and the fast reply! Amazing, I'm looking forward to test it! :)
Many thanks! Thomas On 08/03/2015 08:10 PM, Andreas Steffen wrote: > Hello Thomas, > > yes this is possible with strongswan 5.3.2. Have a look at my > presentation given at the 2015 TCG Members Meeting in Edinburgh: > > https://www.strongswan.org/docs/TCG_Edinburgh_2015.pdf > > The only thing you have to do is to load the tnc-imc and tmc-imv > plugins on both the TNC client and TNC server and of course the > needed IMCs and IMVs (for attestation usually the OS and Attestation > IMC plus the Attestation IMV). In order to activated the mutual > attestation capability set the following parameter in strongswan.conf > > charon { > plugins { > tncss-20 { > mutual = yes > } > } > } > > Best regards > > Andreas > > On 03.08.2015 19:42, Thomas Strobel wrote: >> Hello everyone, >> >> being new to the mailing list, I first want to thank everyone that is or >> was involved in developing strongswan as open source project, it's >> amazing! Thanks! >> >> Now my question. I'm thinking of using strongswan to secure P2P networks >> with mutual TNC remote attestation. Does strongswan support that use >> case? I mean, is it possible that both sides act as TNC client and >> server at the same time, and that a connection is only established after >> both sides verified the integrity of the other side? >> >> Many thanks >> Thomas >> _______________________________________________ >> Users mailing list >> Users@lists.strongswan.org >> https://lists.strongswan.org/mailman/listinfo/users >> > _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
