From 7c52c3f35cdbdff58443b994f2f33d13b4d81f57 Mon Sep 17 00:00:00 2001
From: Rene Mayrhofer <rene@mayrhofer.eu.org>
Date: Tue, 23 Jun 2009 11:35:38 +0000
Subject: Updated to new upstream version.

---
 testing/tests/ikev2/two-certs/description.txt | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

(limited to 'testing/tests/ikev2/two-certs/description.txt')

diff --git a/testing/tests/ikev2/two-certs/description.txt b/testing/tests/ikev2/two-certs/description.txt
index 46ca8fec1..94ffaa487 100644
--- a/testing/tests/ikev2/two-certs/description.txt
+++ b/testing/tests/ikev2/two-certs/description.txt
@@ -1,6 +1,7 @@
-The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each 
-to gateway <b>moon</b>. The authentication is based on <b>X.509 certificates</b>.
-Gateway <b>moon</b> has already loaded a revoked certificate for <b>carol</b>
-and a self-signed certificate for <b>dave</b> locally but gets actual certificates
-as CERT payloads from both peers. The RSA signature verification process tries all
-candidate peer certificates until it finds a valid one with a matching public key.
+The roadwarrior <b>carol</b> possesses two different X.509 certificates plus
+matching RSA private keys. With the first certificate <b>carol</b> authenticates
+a tunnel connection to gateway <b>moon</b> in order to reach client <b>alice</b>
+and presents the second certificate in order to reach client <b>venus</b> using
+the identity <b>carol@strongswan.org</b> for both IKE security associations.
+Therefore the RSA signature verification process on <b>moon</b> tries all
+candidate peer certificates until it finds the correct RSA public key.
-- 
cgit v1.2.3