[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI QUESTIONS: 2.1 Identity protection questions?



Hi !

	My 2 cents contribution (as a student):

> 2.1.A.)  Does SOI need to provide protection against passive
> attacks for the initiator?

YES

> 2.1.B.)  Does SOI need to provide protection against active
> attacks for the initiator?

YES

> 2.1.C.)  Does SOI need to provide protection against passive
> attacks for the responder?

YES ; Though I don't believe this to be usefull in VPNs ou Remote Access scenarios, it is desirable to provide a least a weak identity protection of each party.

> 2.1.D.)  Does SOI need to provide protection against active
> attacks for the responder?
	
NO ; IMHO, that is too strong a protection for host to host scenarios, and often meaningless for other scenarios (involving a well know gateway).

--
Jean-Jacques Puig