[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

EAP-IKEv2 MITM prevention (Was: Re: The remaining IKEv2 issues)

To: ipsec@lists.tislabs.com
Subject: EAP-IKEv2 MITM prevention (Was: Re: The remaining IKEv2 issues)
From: Jari Arkko <jari.arkko@kolumbus.fi>
Date: Tue, 19 Aug 2003 23:07:00 +0300
Cc: "Theodore Ts'o" <tytso@mit.edu>, "Puthenkulam, Jose P" <jose.p.puthenkulam@intel.com>
In-Reply-To: <E19oneL-0003NU-00@think.thunk.org>
References: <E19oneL-0003NU-00@think.thunk.org>
Sender: owner-ipsec@lists.tislabs.com
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20030225


I'd like to turn your attention to a document we are
developing in the EAP WG. "The Compound Authentication Binding
Problem" discusses the MITM problem which affects IKEv2 as
well as a number of other protocols such as PIC, PEAP, or
even HTTP Digest inside TLS. The document includes alternative
solutions and a discussion of their properties. It may be useful
reading in terms of the the IKEv2 EAP MITM discussion. The
document is work in progress; the authors feel that its more
or less done, but it has not been very widely reviewed. So,
we'd be very happy if some members of this WG could review the
document, particularly in the context of IKEv2. Here's the URL:

   http://www.ietf.org/internet-drafts/draft-puthenkulam-eap-binding-03.txt

Thanks,

Jari Arkko
(Co-chair of the EAP WG)

References:
- The remaining IKEv2 issues
  - From: "Theodore Ts'o" <tytso@mit.edu>

Prev by Date: Re: The remaining IKEv2 issues
Next by Date: Re: The remaining IKEv2 issues
Prev by thread: Re: The remaining IKEv2 issues
Next by thread: EAP-IKEv2 MITM prevention (Was: Re: The remaining IKEv2 issues)
Index(es):
- Date
- Thread