[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Comments on "Hybrid Auth. mode for IKE"
Stephen Kent wrote:
>
> Moshe,
>
> >So what you are saying is that every one that is not yet ready to use
> >certificates and want to use a method not vulnerable to dictionary attack is
> >not allowed to use IPSEC?
>
> Gee, it sounds so negative when you say it that way ;-)!
>
> How about, a vendor who wants to sell IPsec products should get its act
> together and support IKE with certs, rather than taking shortcuts and using
> "market demand" as an excuse.
>
> Yes, I definately like that phrasing better.
To make things clearer: We currently support IKE with certificates and
not with legacy authentication systems, yet we believe that we should
give a standard based solution for customers that want to continue using
those systems as well.
Moshe
--
-----------------------------------------------------------------------
Moshe Litvin Check Point Software Technologies Ltd.
moshe@checkpoint.com Tel: +972-3-753-4601 (972-3-753-4555)
Fax: +972-3-575-9256
-----------------------------------------------------------------------
References: