[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SOI QUESTION: 3.4 Preferred ID for responder

To: ipsec@lists.tislabs.com
Subject: SOI QUESTION: 3.4 Preferred ID for responder
From: "Theodore Ts'o" <tytso@mit.edu>
Date: Tue, 25 Jun 2002 09:27:19 -0400
Phone: (781) 391-3464
Sender: owner-ipsec@lists.tislabs.com


Please discuss and answer this question:

3.4 Preferred ID for responder

3.4.A) In JFK and IKEv2, the initiator can include a payload is an 
indication to the responder as to what identity (and corresponding key 
material) the responder should use to authenticate to the initiator. In 
JFKr and IKEv2, this value is encrypted in message 3; in JFKi, it is sent 
in the clear in message 1, thereby allowing a passive attack on the 
responder's likely identity. Is it important to encrypt this identity?

Implications from the scenarios:

[none]

Follow-Ups:
- RE: SOI QUESTION: 3.4 Preferred ID for responder
  - From: "Stephane Beaulieu" <stephane@cisco.com>
- SOI QUESTIONS: 3.4 - 4.3
  - From: "Andrew Krywaniuk" <andrew.krywaniuk@alcatel.com>
- Re: SOI QUESTION: 3.4 Preferred ID for responder
  - From: Jean-Jacques Puig <jean-jacques.puig@int-evry.fr>

Prev by Date: new draft: draft-ietf-ipsec-pki-profile-00.txt
Next by Date: SOI QUESTION: 4.1 Control channel vs. separate protocols
Prev by thread: new draft: draft-ietf-ipsec-pki-profile-00.txt
Next by thread: RE: SOI QUESTION: 3.4 Preferred ID for responder
Index(es):
- Date
- Thread