I am looking at a HIT enrollment function using 5403-bis. But why
should the Registrar accept the Register. This is our basic need of an
Out-off-Band process to trust an enrollment.
So assume that some process establishes a PSK between the two parties.
Perhaps a failed enrollment that sent the phone's # that returns an SMS
message with the PSK. The enrollment then grabs that PSK and uses a
PAKE HIP parameter for authentication. This would be stronger than what
I have in DEX...
I would like to get the draft done this week, or early next week. It is
mostly written. But I need to put in the trust for the enrollment. I
can either lift what I have in DEX, or go with one of the PAKE efforts
in CFRG. But which one and how would it work in HIP BEX/DEX?
Thanks
_______________________________________________
Hipsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/hipsec
