On Tue, 4 Mar 2014, Valery Smyslov wrote:
And in -01 draft I've added one more use case:o User wants to get some simple action from remote device. Consider garage door opener: it must authenticate user to open the door, but it is not necessary for the user to authenticate the door opener. In this case one-way authentication is sufficient. In this example there is no harm if garage door opener fills in its ID Payload - it need not be anonymous.
There is harm. An observer could figure out if it is me that's opening the door, or my wife or my kids. If the server (door) does not need it, don't send it. Paul _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
