Hi Dan, The lack or EAP authentication would be a non-starter for us to implement this in our remote access VPN client. Why not support EAP authentication?
Regards, David -----Original Message----- From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On Behalf Of Dan Harkins Sent: Friday, October 12, 2012 7:02 PM To: ipsec@ietf.org Subject: [IPsec] New I-D on IKEv3 Hello, I just submitted a new I-D that defines version 3 of IKE. The goals of this draft are to make a more easily understood, and simpler protocol that has a high degree of probability of achieving interoperability. It should be easier to read, easier to understand, and easier to implement. To those ends it: - severely limits the negotiable parameters and options - no long-term IKE SA, it's one and done - has a simple state machine which, if followed, should ensure the implementation interoperates with other implementations - is a true peer-to-peer protocol Please take a look and send me your comments! If you plan on implementing this protocol then definitely contact me, I want to interoperate with you. regards, Dan. ----------------------------------------------------------- Filename: draft-harkins-ikev3 Revision: 00 Title: The (Real) Internet Key Exchange Creation date: 2012-10-12 WG ID: Individual Submission Number of pages: 41 URL: http://www.ietf.org/internet-drafts/draft-harkins-ikev3-00.txt Status: http://datatracker.ietf.org/doc/draft-harkins-ikev3 Htmlized: http://tools.ietf.org/html/draft-harkins-ikev3-00 _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
