On Mon, 8 Sep 2014, [email protected] wrote:
> Maybe.
> I understand and support the rationale for this draft.
> The Security Considerations seems to be inadequate. Whenever possible, real
> authentication should be used. So the Security Considerations should
> explicitly and strongly emphasize that, and recommend that products that
> incorporate Null authentication should strive to avoid its use whenever
> possible, and steer users away from its use when they can.
I think that is better formulated as "use null authentication only if the
alternative is to send plaintext".
> A related question: does the use of Null authentication open up the Bellovin
> attack? It seems that it would. If so, my answer changes to "NO".
I find multiple references to a "Bellovin attack", but all seem to be active
attacks. Unauthenticated connections are not protected from active attacks.
However, with IKE one peer can authenticate the other without letting itself
be authenticated - like TLS clients. That _is_ a protection against
active attacks while still using null auth in one direction.
Paul
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
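The one-directional case Paul describes (initiator sends NULL auth, responder still proves who it is, as a TLS server does to an anonymous client) can be made concrete with a small model of the IKE_AUTH binding. The following is an added example, not code from the thread or from any IKE implementation. It assumes a toy Diffie-Hellman group (2^127-1, g=3), a Lamport one-time signature standing in for the RSA/ECDSA used with the Digital Signature method, a collapsed key schedule, and constructed identities (vpn.example.net, ID_NULL); the authentication method numbers (13 NULL, 14 Digital Signature) and the shape of the signed octets (own IKE_SA_INIT message, peer nonce, prf(SK_p, ID)) follow RFC 7619, RFC 7427 and RFC 7296 section 2.15, everything else is a stand-in.

```python
"""Toy model of one-way IKEv2 authentication: the initiator uses NULL
Authentication (method 13, RFC 7619) and the responder signs (Digital
Signature, method 14, RFC 7427). Added example; all primitives are stand-ins."""
import hashlib
import hmac
import secrets

P, G = 2**127 - 1, 3            # toy DH group (assumption; not a registered IKE group)
AUTH_NULL, AUTH_SIG = 13, 14    # IANA IKEv2 authentication method values
GW_ID, CLIENT_ID = b"vpn.example.net", b"ID_NULL"   # constructed sample identities

def prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def sha(data):
    return hashlib.sha256(data).digest()

# Lamport one-time signature: stand-in for RSA/ECDSA so the example runs offline.
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(sha(a), sha(b)) for a, b in sk]

def lamport_sign(sk, msg):
    h = int.from_bytes(sha(msg), "big")
    return b"".join(sk[i][(h >> i) & 1] for i in range(256))

def lamport_verify(pk, msg, sig):
    if len(sig) != 256 * 32:
        return False
    h = int.from_bytes(sha(msg), "big")
    return all(sha(sig[32 * i:32 * i + 32]) == pk[i][(h >> i) & 1] for i in range(256))

class Peer:
    """One IKEv2 endpoint; role is "i" (initiator) or "r" (responder)."""
    def __init__(self, role, ident, method, sig_key=None):
        self.role, self.ident, self.method, self.sig_key = role, ident, method, sig_key
        self.priv = secrets.randbelow(P - 3) + 2
        self.nonce = secrets.token_bytes(16)
        # Stand-in for this side's IKE_SA_INIT message: KE payload || nonce
        self.init_msg = pow(G, self.priv, P).to_bytes(16, "big") + self.nonce

    def derive(self, peer_init_msg):
        """Key schedule from whatever KE and nonce this side actually received."""
        self.peer_init_msg = peer_init_msg
        peer_pub = int.from_bytes(peer_init_msg[:16], "big")
        peer_nonce = peer_init_msg[16:]
        ni, nr = (self.nonce, peer_nonce) if self.role == "i" else (peer_nonce, self.nonce)
        skeyseed = prf(ni + nr, pow(peer_pub, self.priv, P).to_bytes(16, "big"))
        self.sk_pi, self.sk_pr = prf(skeyseed, b"SK_pi"), prf(skeyseed, b"SK_pr")  # collapsed prf+

    @staticmethod
    def signed_octets(msg, peer_nonce, sk_p, ident):
        # RFC 7296 2.15 shape: RealMessage | peer's nonce | prf(SK_p, ID payload)
        return msg + peer_nonce + prf(sk_p, ident)

    def auth_payload(self):
        if self.method == AUTH_NULL:
            return AUTH_NULL, b""        # carries no proof of identity at all
        sk_p = self.sk_pi if self.role == "i" else self.sk_pr
        octets = self.signed_octets(self.init_msg, self.peer_init_msg[16:], sk_p, self.ident)
        return AUTH_SIG, lamport_sign(self.sig_key, octets)

    def verify(self, peer_ident, method, data, peer_pk=None):
        if method == AUTH_NULL:
            return True                  # accepted, but nothing has been verified
        sk_p = self.sk_pr if self.role == "i" else self.sk_pi
        octets = self.signed_octets(self.peer_init_msg, self.nonce, sk_p, peer_ident)
        return lamport_verify(peer_pk, octets, data)

def one_way_auth_run():
    """Client (NULL) directly to gateway (signature):
    returns (client_verified_gateway, gateway_accepted_client)."""
    gw_sk, gw_pk = lamport_keygen()
    client, gw = Peer("i", CLIENT_ID, AUTH_NULL), Peer("r", GW_ID, AUTH_SIG, gw_sk)
    client.derive(gw.init_msg); gw.derive(client.init_msg)
    return (client.verify(GW_ID, *gw.auth_payload(), peer_pk=gw_pk),
            gw.verify(CLIENT_ID, *client.auth_payload()))

def mitm_run():
    """Active attacker between client and gateway substituting its own KE in both
    directions: returns (forged_gw_auth_ok, relayed_gw_auth_ok, attacker_accepted_by_gw)."""
    gw_sk, gw_pk = lamport_keygen()
    atk_sk, _ = lamport_keygen()
    client, gw = Peer("i", CLIENT_ID, AUTH_NULL), Peer("r", GW_ID, AUTH_SIG, gw_sk)
    fake_gw = Peer("r", GW_ID, AUTH_SIG, atk_sk)       # faces the client
    fake_client = Peer("i", CLIENT_ID, AUTH_NULL)      # faces the gateway
    client.derive(fake_gw.init_msg); fake_gw.derive(client.init_msg)
    gw.derive(fake_client.init_msg); fake_client.derive(gw.init_msg)
    # (a) sign as the gateway with the attacker's key: wrong public key
    forged = client.verify(GW_ID, *fake_gw.auth_payload(), peer_pk=gw_pk)
    # (b) relay the gateway's genuine AUTH: it is bound to the gateway's own
    #     KE/nonce and SK_pr, not to the substituted message the client received
    relayed = client.verify(GW_ID, *gw.auth_payload(), peer_pk=gw_pk)
    # (c) the gateway cannot distinguish the attacker's NULL auth from the client's
    accepted = gw.verify(CLIENT_ID, *fake_client.auth_payload())
    return forged, relayed, accepted
```

Running `one_way_auth_run()` gives `(True, True)` and `mitm_run()` gives `(False, False, True)`: the initiator's check covers the KE and nonce it actually received, so an active attacker can neither sign as the gateway without its key nor relay the gateway's real AUTH after substituting the DH share, while the responder accepts the attacker's NULL auth exactly as it accepts the real client's. That is the asymmetry in the post: one-way null auth still protects the side that verifies, and nothing protects the side that does not.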