[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Comments on "Hybrid Auth. mode for IKE"



Hi Pat,
Perhaps I wasn't clear, I know EAP is not tied to DES.  I authored
EAP-ISAKMP.  My point was that the XAUTH stuff stems from a desire to
support token cards.  That would be the biggest consumer of the protocol if
it were implemented.  So I was suggesting a way of supporting token cards
without a new auth method.

On an aside, how do biometric devices increase network authentication
security?

Of the ones I have worked with all they do is output a large password based
on some bio input.  They don't solve the problem of securely transferring
that password to be verified on the other end.  But I haven't used biometric
devices to do network authentication, only to secure private keys which are
then used in the network authentication.

Bye.
----
Greg Carter, Entrust Technologies
greg.carter@entrust.com

> Again, it just happens that *some* of the EAP proposal are based on DES.
> EAP
> could also support biometrics, TLS and a whole slew of other more secure 
> schemes. EAP is not tied to DES in any way.
> 
> 


Follow-Ups: