[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

EAP without public key authentication

To: <ipsec@lists.tislabs.com>
Subject: EAP without public key authentication
From: Pasi.Eronen@nokia.com
Date: Wed, 18 Feb 2004 14:26:22 +0200
Sender: owner-ipsec@lists.tislabs.com
Thread-index: AcP2GmsLkuI7F1wFTMCCW33XPxtkEw==
Thread-topic: EAP without public key authentication

Hi,

The current IKEv2 draft (-12) specifies that EAP must be used 
together with public key signature based responder authentication.

To avoid delaying the IKEv2 base spec any further, I and Hannes wrote 
a separate draft outlining how EAP methods that provide mutual
authentication and key agreement could be used to provide extensible
responder authentication for IKEv2 based on other methods than
public-key signatures, and what security implications this has.

This is meant as a starting point for discussion, so comments
are very welcome!

http://www.ietf.org/internet-drafts/draft-eronen-ipsec-ikev2-eap-auth-00.txt

Best regards,
Pasi

Prev by Date: Question about EAP and CFG
Next by Date: Question about EAP and CFG
Previous by thread: Re: SAs that carry fragments Was: Re: Some IKEv2 issues
Next by thread: Traffic Selectors (was SA fragments)
Index(es):
- Date
- Thread