Thanks for your explanation :) However, can you briefly explain what commands do I need to use for RSA Signature / RSA Encryption nounce?
THanks in advance. Hunt ""Matthew Crane"" wrote in message news:[EMAIL PROTECTED]... > There are basically 2 differences and I am going to assume that you > understand what CA & public/private keys are and how they work. > > a. RSA Signatures use a CA and provide non-repudiation i.e. you can prove to > a 3rd party that peerA did indeed have an encrypted conversation with the > peerB, because they both consulted the CA to allow the conversation to take > place. > > b. RSA Encryption or nonce does not use a CA and therefore provides for > repudiation or plausible deniability. However both peers must have the > others public key so they must either have these public keys manually > configured or have used a valid CA in the past. > > Is that what you were after or do you need more ? > > Hunt Lee wrote: > > > > It would be greatly appreciated if anyone could give me a hand > > on this. I > > have read the MCNS Ciscopress several times (in particular > > between Chapter > > 15 to 18), yet I am still very confused about this: > > > > For IKE Authentication, I understand that one can use either: > > > > pre-shared keys => > > > > crypto isakmp policy 100 > > authentication pre-share > > > > or RSA. => (more scalable than Pre-shared key) > > > > crypto isakmp policy 100 > > authentication rsa-sig > > > > > > However, on RSA, what is the difference between RSA encrypted > > nonces and RSA > > Signatures? > > > > Thanks in advance. > > > > Best Regards, > > Hunt Lee > > IP Solution Analyst > > Cable and Wireless Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=27418&t=26937 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]