[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hybrid Authentication and Remote Access



Moshe Litvin writes:
> > If you can suggest several authentication methods, why select this one
> > with so many problems (the re-keying problem)?
> Because it also has advantages.

What advantages it has if you do have private key or preshared key in
the client (== you can propose several different authentication
methods) compared doing normal main mode and then XAUTH. It does save
2 packets but because they can be interleaved with the 3 packets in
the quick mode, it doesn even add one round trip of properly done. 
-- 
kivinen@iki.fi                               Work : +358-9-4354 3218
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/


References: