[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IKEv2 and legacy Authentication

To: <ipsec@lists.tislabs.com>
Subject: IKEv2 and legacy Authentication
From: "Antonio Forzieri" <antonio.forzieri@cefriel.it>
Date: Wed, 6 Nov 2002 11:23:13 +0100
Sender: owner-ipsec@lists.tislabs.com
Thread-Index: AcKFfoLEoPw3pjk5QeiOOVz5LMTTAA==
Thread-Topic: IKEv2 and legacy Authentication

Hi,
I've read draft-ietf-ipsec-revised-identity-00.txt and I agree with Paul
Hoffman's idea of integrating Ikev2 with this draft.
I also read about the opprtunity of using legacy authentication with
Ikev2 however, what i can't understand is the way this kind of
authentication should work.
What should contain FullID payload in that case? (for example in
username and password scenario)

>From draft-ietf-ipsec-revised-identity-00.txt:

[CITE]
As simple scenario is username-and-password. The  IDForSharedSecret is
the username, and the key added to the HMAC is the password. 
[CITE]

What does it means?

Can one peer use Legacy authentication (remote user) and the other peer
(the SGTW) use another kind of auth (X.509 cert)?

Thanks

-- 
Antonio Forzieri

smime.p7s

Prev by Date: Re: request to review draft in mobile IP wg
Next by Date: I-D ACTION:draft-ietf-ipsec-udp-encaps-04.txt
Prev by thread: Re: request to review draft in mobile IP wg
Next by thread: I-D ACTION:draft-ietf-ipsec-udp-encaps-04.txt
Index(es):
- Date
- Thread