[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Authentication methods in IKEv2
At 11:45 AM +0300 11/11/02, Valery Smyslov wrote:
>I have some doubts about using of authentication methods in IKEv2.
>In IKEv2 negotiation of authentication methods was completely
>removed - each side simply uses his/her favourite method.
>I think this may lead to the lack of interoperability and extensibility
>in case one of the endpoints supports more than one method of
>authentication.
Two endpoints that trust each other need to know *how* they trust
each other before setting up a secure channel. IKEv1 blurred this
rule by giving the option of saying how each side was going to
authenticate. IKEv2 tightens this up.
>For example. Let's initiator support RSA and DSS and has certificates
>of the both types. Let's responder support only RSA. In this case,
>responder has no means in the protocol to explicitly indicate,
>that it will accept only RSA certificates.
Exactly right. The two sides must know in advance why they trust each other.
The worst-case scenario is that the responder tells the initiator "I
don't trust you", and the initiator tries again with a different
authentication mechanism.
For the rare case where the two endpoints don't really know each
other *and* are going to trust each other *and* have multiple
authentication mechanisms, we have eliminated a confusing option from
IKEv1. That's exactly what IKEv2 was designed to do.
--Paul Hoffman, Director
--VPN Consortium