[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI QUESTIONS: 2.1 Identity protection questions?

To: ipsec@lists.tislabs.com
Subject: Re: SOI QUESTIONS: 2.1 Identity protection questions?
From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Date: Wed, 19 Jun 2002 10:48:52 -0700
In-Reply-To: <E17KR8j-0001I7-00@think.thunk.org>
References: <E17KR8j-0001I7-00@think.thunk.org>
Sender: owner-ipsec@lists.tislabs.com

In the typical VPN scenario (either gateway-to-gateway or remote-access WAN):

- protection against passive attacks on the identities of each party 
is very important because you don't know who is going to initiate

- protection against active attacks against the identity of either 
party is useful, but not nearly as important as protection from 
passive attacks

- if a protocol can offer protection against active attack for only 
one of the two parties, protecting the identity of the responder is 
more important to prevent wandering identity sniffers

--Paul Hoffman, Director
--VPN Consortium

References:
- SOI QUESTIONS: 2.1 Identity protection questions?
  - From: "Theodore Ts'o" <tytso@mit.edu>

Prev by Date: Re: SOI QUESTIONS: 2.3 Authentication styles
Next by Date: Re: SOI QUESTIONS: 2.2 Perfect forward secrecy (PFS)
Prev by thread: Re: SOI QUESTIONS: 2.1 Identity protection questions?
Next by thread: Re: SOI QUESTIONS: 2.1 Identity protection questions?
Index(es):
- Date
- Thread