Hi Shin,
Yes. For the typical remote access VPN, EAP is typically more useful.
Note that there is still need for strong password-based mutual
authentication EAP methods - but their home is the EMU working group.
In addition, the IPsecME has another charter item designed to fit such
EAP methods (such as the future EAP-AugPAKE :-) into IKEv2.
Please see again the group's charter,
http://tools.ietf.org/wg/ipsecme/charters.
Thanks,
Yaron
On 25.3.2010 20:07, SeongHan Shin wrote:
Dear Yaron Sheffer,
I have one question about the draft.
draft-sheffer-ipsecme-pake-criteria-02.txt says in Page 4
“This document is limited to the use of password-based authentication to
achieve trust between gateways”
Is this a consensus of this WG?
Best regards,
Shin
On Thu, Mar 25, 2010 at 3:46 PM, Yaron Sheffer <[email protected]
<mailto:[email protected]>> wrote:
Hi,
after the good discussion in Anaheim, and with the help of comments
received on and off the list, I have updated the PAKE Criteria draft
and posted it as
http://www.ietf.org/id/draft-sheffer-ipsecme-pake-criteria-02.txt.
I have added a number of criteria, clarified others, and added
numbering (SEC1-SEC6, IPR1-IPR3 etc.).
Thanks,
Yaron
_______________________________________________
IPsec mailing list
[email protected] <mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/ipsec
--
------------------------------------------------------------------
SeongHan Shin
Research Center for Information Security (RCIS),
National Institute of Advanced Industrial Science and Technology (AIST),
Room no. 1003, Akihabara Daibiru 10F,
1-18-13, Sotokannda, Chiyoda-ku, Tokyo 101-0021 Japan
Tel : +81-3-5298-2722
Fax : +81-3-5298-4522
E-mail : [email protected] <mailto:[email protected]>
------------------------------------------------------------------
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
