[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: SOI QUESTION: 3.4 Preferred ID for responder

To: "Theodore Ts'o" <tytso@mit.edu>, <ipsec@lists.tislabs.com>
Subject: RE: SOI QUESTION: 3.4 Preferred ID for responder
From: "Stephane Beaulieu" <stephane@cisco.com>
Date: Tue, 25 Jun 2002 10:41:34 -0400
Importance: Normal
In-Reply-To: <E17MqLn-0004eh-00@think.thunk.org>
Sender: owner-ipsec@lists.tislabs.com


>
>
> Please discuss and answer this question:
>
> 3.4 Preferred ID for responder
>
> 3.4.A) In JFK and IKEv2, the initiator can include a payload is an
> indication to the responder as to what identity (and corresponding key
> material) the responder should use to authenticate to the initiator. In
> JFKr and IKEv2, this value is encrypted in message 3; in JFKi, it is sent
> in the clear in message 1, thereby allowing a passive attack on the
> responder's likely identity. Is it important to encrypt this identity?

Isn't this the same question as 2.1.C? or am I just reading it wrong?


>
> Implications from the scenarios:
>
> [none]

Follow-Ups:
- RE: SOI QUESTION: 3.4 Preferred ID for responder
  - From: Jan Vilhuber <vilhuber@cisco.com>

References:
- SOI QUESTION: 3.4 Preferred ID for responder
  - From: "Theodore Ts'o" <tytso@mit.edu>

Prev by Date: Re: SOI QUESTION: 4.1 Control channel vs. separate protocols
Next by Date: RE: SOI QUESTION: 4.1 Control channel vs. separate protocols
Prev by thread: SOI QUESTION: 3.4 Preferred ID for responder
Next by thread: RE: SOI QUESTION: 3.4 Preferred ID for responder
Index(es):
- Date
- Thread