Re: IKEv2 SA rekeying - naming an initial SA
On Tue, Aug 19, 2003 at 08:25:23PM -0700, Nicolas Williams wrote:
> On Tue, Aug 19, 2003 at 04:31:36PM -0400, Stephen Kent wrote:
> > IPsec has no anonymous mode, because access control is an essential
> > feature of IPsec, unlike SSL. So, no arguments based on the latter
> > paragraph of your message are likely to be appropriate in this
> > context.
>
> One would never want to use anonymous IPsec with any application *other*
> than applications which bind authentication at higher layers to IPsec
> SAs.
...
I'd also like to point out that if we allow non-kg EAPs then we might as
well allow anonymous IKEv2 :) :)
And if we allow IKEv2 w/ non-kg EAPs (with loud warnings) because we
think that others will implement the same regardless of whether it is a
MUST NOT, then we ought to allow anon IKEv2 for the same reason (and
also with loud warnings).
And note that anon IPsec with GSS-API CCM channel bindings to the same
is quite strong[*], compared to IPsec w/ non-kg EAPs. The former is not
subject to MITMs or spoofing, the latter is.
[*] As strong as the authentication and integrity protection services
of the underlying GSS-API mechanism.
Cheers,
Nico
--
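As an added illustration that is not part of this thread, the following toy Python model shows the point Nico makes about channel bindings: an anonymous (unauthenticated) SA on its own can be terminated by a man-in-the-middle, but if the higher-layer authentication is bound to that SA, the two halves of a spliced exchange carry different channel binding values and verification fails. Everything here is constructed: random contributions stand in for the unauthenticated key exchange, a fixed placeholder key stands in for the GSS-API mechanism's credential, and `AnonChannel`, `make_authenticator`, `verify_authenticator` and `run_exchange` are names invented for this example, not IKEv2 or GSS-API APIs.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed placeholder for the long-term credential the higher-layer
# mechanism (GSS-API in the thread) authenticates with. Not a real key.
LONG_TERM_KEY = b"\x01" * 32


class AnonChannel:
    """One endpoint's view of an anonymous SA: the two contributions it saw.

    The random contributions stand in for the unauthenticated key exchange;
    nothing in this class resists an active attacker by itself.
    """

    def __init__(self, my_contrib: bytes, peer_contrib: bytes) -> None:
        self.my_contrib = my_contrib
        self.peer_contrib = peer_contrib

    def binding(self) -> bytes:
        # Channel binding value: a hash over the exchange as this endpoint
        # observed it. Sorting makes both honest ends derive the same value
        # regardless of who initiated.
        material = b"".join(sorted([self.my_contrib, self.peer_contrib]))
        return hashlib.sha256(b"toy-cb|" + material).digest()


def make_authenticator(key: bytes, identity: bytes, cb: Optional[bytes]) -> bytes:
    """Higher-layer proof of identity, optionally bound to the channel (cb)."""
    msg = b"auth|" + identity + b"|" + (cb if cb is not None else b"")
    return hmac.new(key, msg, hashlib.sha256).digest()


def verify_authenticator(key: bytes, identity: bytes,
                         cb: Optional[bytes], token: bytes) -> bool:
    """Verifier recomputes the authenticator over *its own* channel binding."""
    expected = make_authenticator(key, identity, cb)
    return hmac.compare_digest(expected, token)


def run_exchange(mitm: bool, bind: bool) -> bool:
    """Return True if Bob ends up accepting Alice over the SA Bob holds.

    mitm: Mallory terminates two separate anonymous SAs and relays messages.
    bind: the higher-layer authenticator includes the channel binding value.
    """
    a = os.urandom(16)
    b = os.urandom(16)
    if mitm:
        # Mallory substitutes her own contributions toward each side, so
        # Alice and Bob each hold a different SA without knowing it.
        alice_view = AnonChannel(a, os.urandom(16))
        bob_view = AnonChannel(b, os.urandom(16))
    else:
        alice_view = AnonChannel(a, b)
        bob_view = AnonChannel(b, a)

    cb_alice = alice_view.binding() if bind else None
    token = make_authenticator(LONG_TERM_KEY, b"alice", cb_alice)

    # Mallory cannot forge a token under LONG_TERM_KEY; the best she can do
    # is relay Alice's token unchanged to Bob.
    cb_bob = bob_view.binding() if bind else None
    return verify_authenticator(LONG_TERM_KEY, b"alice", cb_bob, token)


if __name__ == "__main__":
    print("honest, bound     :", run_exchange(mitm=False, bind=True))
    print("MITM,   bound     :", run_exchange(mitm=True, bind=True))
    print("MITM,   unbound   :", run_exchange(mitm=True, bind=False))
```

With `bind=True` the relayed token fails on Bob's side whenever Mallory sits in the middle, which is the "not subject to MITMs" property claimed above; with `bind=False` the authentication succeeds regardless of who actually holds the SA, which models an authentication whose outcome is not tied to the SA's keys. The example runs on the standard library only.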