[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-ipsec-ikev2-01.txt

To: ipsec@lists.tislabs.com, dharkins@tibernian.com
Subject: Re: draft-ietf-ipsec-ikev2-01.txt
From: "Catherine A. Meadows" <meadows@itd.nrl.navy.mil>
Date: Wed, 27 Feb 2002 20:24:18 -0500 (EST)
Cc: meadows@itd.nrl.navy.mil
Sender: owner-ipsec@lists.tislabs.com

Dan:

I've got a question on the use of shared secrets to authenticate
messages in the Phase I exchange in ikev2-01.  I assume that shared
secrets are linked to the peers' identities. The initiator authenticates
before it has learned the responder's identity.  So, if it authenticates
using a shared secret, how does it determine what key to use?
Does it assume that the responder's IP address is its identity (as
I believe was done in IKEv1), or do we assume that the initiator has
some other way of learning the responder's identity?


Thanks in advance,

Cathy Meadows

Prev by Date: RE: draft-ietf-ipsec-ikev2-01.txt
Next by Date: Re: NAT Traversal
Prev by thread: Re: draft-ietf-ipsec-ikev2-01.txt
Next by thread: Re: draft-ietf-ipsec-ikev2-01.txt
Index(es):
- Date
- Thread