
Re: New XAUTH draft



On Thu, 30 Sep 1999 21:04:18 EDT you wrote
> Dan, I have a question (even though I've been trying hard to delete every
> message that says "XAUTH" or "Hybrid" in it), do *you* prefer hybrid to XAUTH?

Yes. Hybrid+XAUTH is much better than XAUTH. It prevents the m-in-m issue
by authenticating the IKE SA (unidirectionally, but authenticating it
nonetheless) prior to doing the XAUTH stuff. But the client does not bind
himself in any way to the SKEYID state even with Hybrid+XAUTH. It might
not matter and I'm not a cryptographer but it just rubs the wrong way.

A much better solution would be for Hybrid to not proceed to XAUTH but to
use its secure channel to authenticate a (raw) public key for the client 
and then use that key to do a standard digital signature authentication.
That whole phase 1.5 stuff is an unnecessary complication on an already
extremely complicated protocol. Sometimes you proceed from 1 to 2 other
times it's 1 to 1.5 to 2. Error prone. Yeech.

  Dan.
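A small model of the binding point made above, added here as an illustration and not part of the thread: it derives SKEYID and HASH_I with the RFC 2409 formulas (prf = HMAC-SHA1) and compares the client's proof in Hybrid+XAUTH (a password carried in the phase 1.5 transaction) with the proposed alternative (the client signing HASH_I). All nonces, cookies, payloads and the "signature" (an HMAC under a client key, since the standard library has no RSA) are constructed stand-ins.

```python
import hashlib
import hmac


def prf(key: bytes, data: bytes) -> bytes:
    # IKEv1 prf: HMAC with the negotiated hash (SHA-1 here).
    return hmac.new(key, data, hashlib.sha1).digest()


def phase1_state(ni, nr, gxy, cky_i, cky_r):
    # RFC 2409 section 5, signature/hybrid authentication:
    # SKEYID = prf(Ni_b | Nr_b, g^xy), then SKEYID_d and SKEYID_a.
    skeyid = prf(ni + nr, gxy)
    skeyid_d = prf(skeyid, gxy + cky_i + cky_r + b"\x00")
    skeyid_a = prf(skeyid, skeyid_d + gxy + cky_i + cky_r + b"\x01")
    return skeyid, skeyid_a


def hash_i(skeyid, gxi, gxr, cky_i, cky_r, sai, idii):
    # HASH_I = prf(SKEYID, g^xi | g^xr | CKY-I | CKY-R | SAi_b | IDii_b)
    return prf(skeyid, gxi + gxr + cky_i + cky_r + sai + idii)


def xauth_client_proof(password, skeyid_a, msg_id):
    # Hybrid+XAUTH phase 1.5: the credential itself is only the password;
    # SKEYID_a keys the transaction message's HASH, not the credential.
    attrs = b"XAUTH_USER_PASSWORD=" + password
    return password, prf(skeyid_a, msg_id + attrs)


def signature_client_proof(client_key, skeyid, gxi, gxr, cky_i, cky_r, sai, idii):
    # Proposed alternative: the client's key signs HASH_I, which is keyed by
    # SKEYID. Toy stand-in: HMAC under the client key instead of RSA.
    return prf(client_key, hash_i(skeyid, gxi, gxr, cky_i, cky_r, sai, idii))


def credential_bound_to_exchange(scheme: str) -> bool:
    # Run the same client credential through two different Phase 1 exchanges
    # (different g^xy); a proof bound to the exchange must differ between them.
    ni, nr, cky_i, cky_r = b"Ni-const", b"Nr-const", b"CKY-I", b"CKY-R"
    sai, idii, gxi, gxr = b"SAi-payload", b"client@example.test", b"g^xi", b"g^xr"
    proofs = []
    for gxy in (b"shared-secret-exchange-1", b"shared-secret-exchange-2"):
        skeyid, skeyid_a = phase1_state(ni, nr, gxy, cky_i, cky_r)
        if scheme == "hybrid-xauth":
            cred, _msg_hash = xauth_client_proof(b"hunter2", skeyid_a, b"\x00\x00\x00\x01")
        else:
            cred = signature_client_proof(b"client-private-key", skeyid,
                                          gxi, gxr, cky_i, cky_r, sai, idii)
        proofs.append(cred)
    return proofs[0] != proofs[1]
```

`credential_bound_to_exchange("hybrid-xauth")` returns False and `credential_bound_to_exchange("signature")` returns True: the password is the same proof in every exchange, while the signed HASH_I ties the client's key to this SKEYID.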
