[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: RE2: Do ipsec vendors care about privacy?

To: "'Antonio Forzieri'" <antonio.forzieri@cefriel.it>, "''IPsec WG ' '" <ipsec@lists.tislabs.com>
Subject: RE: RE2: Do ipsec vendors care about privacy?
From: "Yoav Nir" <ynir@CheckPoint.com>
Date: Sun, 23 Mar 2003 10:10:53 +0200
Importance: Normal
In-Reply-To: <3E7AF0FA.8050707@cefriel.it>
Sender: owner-ipsec@lists.tislabs.com

With GTC, the challenge is a string like "Enter your password" and the
response is also a string.  I think this is more useful than the other
methods for passing user/password from the client to the gateway.
With MD5-Challenge, the authenticator needs to issue the challenge.  You may
have some problems integrating it with various authentication servers.

-----Original Message-----
From: owner-ipsec@lists.tislabs.com
[mailto:owner-ipsec@lists.tislabs.com]On Behalf Of Antonio Forzieri
Sent: Friday, March 21, 2003 1:01 PM
To: ''IPsec WG ' '
Subject: Re: RE2: Do ipsec vendors care about privacy?


[SNIP]

With CHAP (Or MD5-CHALLENGE) Hugo's proposal will work, however with OTP
and maybe with GTC I think that the responder needs to know the
Iniziator ID prior to send the OTP challenge.

--
------------------------------------------------
Antonio Forzieri
CEFRIEL - Politecnico di Milano
Tesista Area E-Service Tecnologies
Tel: 02-23954.334 - email: forzieri@cefriel.it
ICQ# 177683894
------------------------------------------------

References:
- Re: RE2: Do ipsec vendors care about privacy?
  - From: Antonio Forzieri <antonio.forzieri@cefriel.it>

Prev by Date: Re: Do ipsec vendors care about privacy?
Next by Date: RE: Do ipsec vendors care about privacy?
Prev by thread: Re: RE2: Do ipsec vendors care about privacy?
Next by thread: Re: Do ipsec vendors care about privacy?
Index(es):
- Date
- Thread