[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

draft for a new authentication mode for IKE



We have submitted a draft for a new authentication mode for IKE:

Abstract:
   This document describes a new authentication mode for the Internet
   Key Exchange (IKE). This mode extends the authentication
   modes defined in [IKE]. The proposed mode assumes an asymmetry
   between the authenticating entities. One entity, typically an edge
   device (e.g. firewall), authenticates using public key techniques,
   while the other entity, typically a remote user, authenticates using
   challenge response techniques. The mode is designed to provide a
   solution for environments where a legacy authentication system
   exists, yet a full public key infrastructure is not deployed. 


The draft can be found at:

http://www.ietf.org/internet-drafts/draft-litvin-ipsec-isakmp-hybrid-auth-00.txt


-- 
-----------------------------------------------------------------------
Moshe Litvin                    Check Point Software Technologies Ltd.

moshe@checkpoint.com            Tel:   +972-3-753-4601 (972-3-753-4555)
                                Fax:   +972-3-575-9256
-----------------------------------------------------------------------