[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: IKEv2: active user identity protection
I also support Hugo's suggested changes to provide this
protection. I think many end-user scenarios demand it.
Aggressive mode failed to protect identities and is
criticized for this (I heard today this exact criticism
from a customer). We still have a chance to fix this
without unnecessary delay.
Regards,
Jim
> -----Original Message-----
> From: Knospe, Heiko [mailto:Heiko.Knospe@t-systems.com]
> Sent: Friday, June 27, 2003 7:25 AM
> To: ipsec@lists.tislabs.com
> Subject: IKEv2: active user identity protection
>
>
> Dear all,
>
> I would also strongly support active user identity
> confidentiality protection for the initiator within IKEv2.
> The issue was recently raised by several people. We analysed
> the topic in the SHAMAN project and considered it a
> significant security requirement. It seems particularly
> important for wireless connections where attacks can easily
> be launched.
>
> Best wishes,
> Heiko Knospe
>
> T-Systems
> ITC Security
> Am Kavalleriesand 3
> D 64295 Darmstadt
> Germany
>
> Tel. ++49 6151 832033
>
>