Hi All, I submitted a new draft draft-padmakumar-ikev2-redirect-and-auth-offload-00 ( http://www.ietf.org/internet-drafts/draft-padmakumar-ikev2-redirect-and-auth-offload-00.txt ).
This draft discuss IKEv2 redirect based mechanism to offload Authenication related work to a trusted third party. I'd like to have comments on this. Thanks and Regards, Padmakumar -----Original Message----- From: IETF I-D Submission Tool [mailto:[email protected]] Sent: Thursday, July 09, 2009 7:28 PM To: Padmakumar Av (paav) Cc: Manikchand Bafna (manikrb); Pratima Sethi (psethi) Subject: New Version Notification for draft-padmakumar-ikev2-redirect-and-auth-offload-00 A new version of I-D, draft-padmakumar-ikev2-redirect-and-auth-offload-00.txt has been successfuly submitted by A Padmakumar and posted to the IETF repository. Filename: draft-padmakumar-ikev2-redirect-and-auth-offload Revision: 00 Title: IKEv2 Redirect and Authentication Offload Creation_date: 2009-07-09 WG ID: Independent Submission Number_of_pages: 14 Abstract: IKEv2 is a component of IPsec used for performing mutual authentication and establishing and maintaining security associations (SAs). Redirect Mechanism for IKEv2 proposes a mechanism for IKEv2 that enables a VPN gateway to redirect the VPN client to another VPN gateway, for example, based on the load condition. Redirect mechanism can also be used to redirect a client to another router (Trust Anchor) to do mutual authentication on behalf of the server. After mutual authentication Trust Anchor can redirect the client back to the server with an Access Token which can be used as a pre-shared key between the server and client for password based IKE_AUTH exchange. This document describes a mechanism to use IKEv2 redirects to offload such verifications to another trusted third party. The IETF Secretariat.
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
