Hello, As can be inferred by my previous posting on EAP-only authentication, I favor this particular method for mutual authentication.
I believe this is a general purpose exchange, useful for more than the narrow focus of EAP-only, does not require extraneous encapsulations or unnecessary code (ala EAP-only), and is secure regardless of its use (unlike EAP-only). I am committed to working on this as a WG work item. I agree to continue contributing to the text and (co-)authoring the text. I solicit help, and support, from those who are interested in this task. regards, Dan. On Sun, November 29, 2009 9:20 am, Yaron Sheffer wrote: > This draft proposes a particular method for mutual authentication of IKEv2 > peers using a short, low quality shared secret (a.k.a. "password"). The > proposal is to embed this method in the IKE exchange, rather than use EAP. > > Proposed starting point: > http://tools.ietf.org/id/draft-harkins-ipsecme-spsk-auth-00.txt. > > Please reply to the list: > > - If this proposal is accepted as a WG work item, are you committing to > review multiple versions of the draft? > - Are you willing to contribute text to the draft? > - Would you like to co-author it? > > Please also reply to the list if: > > - You believe this is NOT a reasonable activity for the WG to spend time > on. > > If this is the case, please explain your position. Do not explore the fine > technical details (which will change anyway, once the WG gets hold of the > draft); instead explain why this is uninteresting for the WG or for the > industry at large. Also, please mark the title clearly (e.g. "DES40-export > in IPsec - NO!"). > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec > _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
