[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Réf. : RE: Please save the pre-shared key mode



                                                                                                                              
                                                                                                                              
                                                                                                                              




> The FreeS/WAN experience with preshared public keys suggests that most
any
> form of simple standardized self-contained authentication would suffice,
> e.g. preshared public keys or self-signed certificates.

SSH offers a very similar paradigm, and even provides PK bound to machines.
SSH _is_ widely deployed. The IETF has got a WG working on the Secure
Shell,
which is likely be very similar to OpenSSH. I believe there's some
convergence
to come out.

-Romain
disclaimer: Opinions hereby expressed are not those of my employer