Annotation of embedaddon/strongswan/testing/tests/ikev2/rw-sig-auth/description.txt, revision 1.1
1.1 ! misho 1: The roadwarriors <b>carol</b> an <b>dave</b> set up a connection to gateway
! 2: <b>moon</b>. They authenticate themselves using <b>RSA signatures</b> but
! 3: they use different hash algorithms. <b>moon</b> uses signature scheme constraints
! 4: to only allow access to the <b>research</b> and <b>accounting</b> subnets if
! 5: specific algorithms are used. <b>Note:</b> Because the client certificate's are signed
! 6: with SHA-256 we have to accept that algorithm too because signature schemes in
! 7: <b>rightauth</b> are also used as constraints for the whole certificate chain.
! 8: Therefore, <b>carol</b> obtains access to the <b>research</b> subnet behind gateway
! 9: <b>moon</b> whereas <b>dave</b> has access to the <b>accounting</b> subnet, but not
! 10: vice-versa.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to description.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / ikev2 / rw-sig-auth