[Joe] It seems that the server ID is as authenticated as the client ID. The server ID and client ID are associated with the shared key. If a different identity is asserted a different key would be selected and the protocol should fail.
Since more than one AAA server can have access to the credentials, I don't see how the client can verify which server it is talking to. It only knows that the server has access to the PSK, not which server it is.
_______________________________________________ Emu mailing list Emu@ietf.org https://www1.ietf.org/mailman/listinfo/emu