[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
IKEv2 and legacy Authentication
Hi,
I've read draft-ietf-ipsec-revised-identity-00.txt and I agree with Paul
Hoffman's idea of integrating Ikev2 with this draft.
I also read about the opprtunity of using legacy authentication with
Ikev2 however, what i can't understand is the way this kind of
authentication should work.
What should contain FullID payload in that case? (for example in
username and password scenario)
>From draft-ietf-ipsec-revised-identity-00.txt:
[CITE]
As simple scenario is username-and-password. The IDForSharedSecret is
the username, and the key added to the HMAC is the password.
[CITE]
What does it means?
Can one peer use Legacy authentication (remote user) and the other peer
(the SGTW) use another kind of auth (X.509 cert)?
Thanks
--
Antonio Forzieri
smime.p7s