On Sat, 11 Jan 2014, Yaron Sheffer wrote:
> I regularly use SSH, which binds a public key fingerprint to a DNS name. It's usable, and not too complicated.
But always requires a human decision.
> I believe some limited form of channel binding can work. Specifically, I am thinking of post facto authentication, e.g. by reading out the fingerprint on the phone.
As I explained before, I don't see why we need to complicate the OE cases with other cases that can be done perfectly fine with existing authenticated IPsec. There is no issue setting up two IPsec connections, one authenticated and one anonymous. Seeing how many prefer 1000s of narrowed IKEv2 tunnels over a single net-net tunnel, I don't see why your use case requires complicating the OE case.
> Regarding audit, we can mandate that each record should say something like "Snow White (claimed but unauthenticated identity)".
You are suggesting client side security? I don't understand. If I wrote software where an ID is sent but completely unauthenticated and falsifiable, I would probably just not log it, to avoid confusion.

Paul
