[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on "Hybrid Auth. mode for IKE"

To: Stephen Kent <kent@bbn.com>
Subject: Re: Comments on "Hybrid Auth. mode for IKE"
From: Moshe Litvin <moshe@cale.checkpoint.com>
Date: Mon, 24 Aug 1998 17:01:13 +0300
CC: Moshe Litvin <moshe@checkpoint.com>, ipsec@tis.com
References: <v03110715b1dfa1879858@[128.33.238.39]> from "Stephen Kent" at Jul 25, 98 06:10:58 pm <v03110700b1e2448c6f64@[128.89.0.110]> <v03110729b1ee2470e367@[128.89.0.110]>
Sender: owner-ipsec@ex.tis.com

Stephen Kent wrote:
> 
> Moshe,
> 
> >So what you are saying is that every one that is not yet ready to use
> >certificates and want to use a method not vulnerable to dictionary attack is
> >not allowed to use IPSEC?
> 
> Gee, it sounds so negative when you say it that way ;-)!
> 
> How about, a vendor who wants to sell IPsec products should get its act
> together and support IKE with certs, rather than taking shortcuts and using
> "market demand"  as an excuse.
> 
> Yes, I definately like that phrasing better.

To make things clearer: We currently support IKE with certificates and
not with legacy authentication systems, yet we believe that we should
give a standard based solution for customers that want to continue using
those systems as well.

Moshe

-- 
-----------------------------------------------------------------------
Moshe Litvin                    Check Point Software Technologies Ltd.

moshe@checkpoint.com            Tel:   +972-3-753-4601 (972-3-753-4555)
                                Fax:   +972-3-575-9256
-----------------------------------------------------------------------

References:

Re: Comments on "Hybrid Auth. mode for IKE"

From: Stephen Kent <kent@bbn.com>

Re: Comments on "Hybrid Auth. mode for IKE"

From: Stephen Kent <kent@bbn.com>

Prev by Date: Re: Comments on "Hybrid Auth. mode for IKE"
Next by Date: RE: VPN Interoperability Workshop Oct 26 - 30
Next by thread: Re: an inbound SPD-check question
Index(es):
- Main
- Thread