In your previous mail you wrote: I want to know if there have been made additions to the IPsec part on IPv6. Something that bugs me to Ipsec on IPv4 is that it either required some system backed authentication (Kerberos), some CA issued certificate or the worst solution being a static keyphrase. Now to my question: Does IPsec in IPv6 allow adhoc connections not requiring any certificates, rather just doing a simple key exchange (e.g. using a set of randomly generated public keys), with the simple purpose to encrypt the connection? => I disagree: without authentication (by a pre-shared secret, certificate/signature or public key) you can be attacked by the Man-In-The-Middle, i.e., you can get a very secure connection with a bad guy, not the intended correspondent. There are some schemes where one participant can be anonymous, but at most one (i.e., never both).
Regards [EMAIL PROTECTED] PS: there is no difference between IPv4 and IPv6 in IPsec. -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
