Re: RE2: Do ipsec vendors care about privacy?

[Antonio Forzieri <antonio.forzieri@cefriel.it>]

Hugo Krawczyk wrote:
[SNIP]

 > The question is: DOES THE RESPONDER (GATEWAY) NEED TO KNOW the value 
IDi IN ORDER TO DETERMINE THE CONTENTS OF THE EAP PAYLOAD SENT IN MESSAGE 4?

I think that only EAP people can give use the right response. I've just 
sent an e-mail to the eap WG asking about this problem, I hope they will 
give us feed-back as soon as possible.
In line a brief of the mail I sent to eap wg 2 minutes ago :

 >>Does the autheticator need to know the peer's identity before sending 
 >>an EAP(Request,MD5)? Or we can send that EAP message without knowing 
 >>the initiator identity? Is it possible a scenario like this?
 >>
 >>        Peer                             Authenticator
 >>       ------                           ---------------
 >>                              <--       EAP(Request,MD5)
 >>
 >>       IDi, EAP(Response,MD5) -->
 >>
 >>                              <--    EAP(Success/Failure)
[SNIP]

-- 
------------------------------------------------
Antonio Forzieri
CEFRIEL - Politecnico di Milano
Tesista Area E-Service Tecnologies
Tel: 02-23954.334 - email: forzieri@cefriel.it
ICQ# 177683894
------------------------------------------------