Performance: there is only one-way communication without need for using Diffie-Hellman computation and so on
Security: there is a need for server (KS) authentication only, so that RSA keypair is more than enough and it's more secure (don't want to start a war here which is better symmetric or asymmetric) because it is asymmetric encryption. Design: the nature of ISAKMP is point-to-point so it would be hard to run multicast rekey which is far more scalable than unicast rekey. Regards, Piotr 2011/11/26 waleed ' <[email protected]> > I have doubt regarding KS and GM authentication , regarding to the > documents that the authentication for first time come through ISAKMP > authentication mechanism and for rekey using RSA key pair , the question is > why not use ISAKMP for authentication in rekey too ? why we use RSA ? is it > related to performance or security issue ? > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
