[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Adding revised identities to IKEv2
Stu,
> <SNIP>
>I would suggest that we use Network Access Identifiers as per RFC 2486
>
As I understand it, an NAI is designed to identify a roaming user to
a service provider, not to a target system to which the user
connects. So, this would be an appropriate form of ID only when a
roaming user established an SA to the service provider as part of ???
I think I need to better understand the model in which IPsec is used
for what seems like an AAA problem.
Steve