[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
draft for a new authentication mode for IKE
We have submitted a draft for a new authentication mode for IKE:
Abstract:
This document describes a new authentication mode for the Internet
Key Exchange (IKE). This mode extends the authentication
modes defined in [IKE]. The proposed mode assumes an asymmetry
between the authenticating entities. One entity, typically an edge
device (e.g. firewall), authenticates using public key techniques,
while the other entity, typically a remote user, authenticates using
challenge response techniques. The mode is designed to provide a
solution for environments where a legacy authentication system
exists, yet a full public key infrastructure is not deployed.
The draft can be found at:
http://www.ietf.org/internet-drafts/draft-litvin-ipsec-isakmp-hybrid-auth-00.txt
--
-----------------------------------------------------------------------
Moshe Litvin Check Point Software Technologies Ltd.
moshe@checkpoint.com Tel: +972-3-753-4601 (972-3-753-4555)
Fax: +972-3-575-9256
-----------------------------------------------------------------------