Hi,
- Original Message -
From: Yoav Nir y...@checkpoint.com
To: Qin Wu sunse...@huawei.com
Cc: ipsec@ietf.org
Sent: Wednesday, May 04, 2011 1:30 PM
Subject: Re: [IPsec] New I-D: draft-nir-ipsecme-erx-00
On May 4, 2011, at 4:50 AM, Qin Wu wrote:
- I am missing the authenticated
On May 4, 2011, at 9:18 AM, Qin Wu wrote:
Hi,
- Original Message -
From: Yoav Nir y...@checkpoint.com
To: Qin Wu sunse...@huawei.com
Cc: ipsec@ietf.org
Sent: Wednesday, May 04, 2011 1:30 PM
Subject: Re: [IPsec] New I-D: draft-nir-ipsecme-erx-00
On May 4, 2011, at 4:50 AM,
Hi,
- Original Message -
From: Yoav Nir y...@checkpoint.com
To: Qin Wu sunse...@huawei.com
Cc: ipsec@ietf.org; ho...@ietf.org
Sent: Wednesday, May 04, 2011 3:00 PM
Subject: Re: [IPsec] New I-D: draft-nir-ipsecme-erx-00
On May 4, 2011, at 9:18 AM, Qin Wu wrote:
Hi,
- Original
On Tue, May 3, 2011 10:30 pm, Yoav Nir wrote:
[snip]
The Authenticator needs the true identity to make policy decisions.
Well then DO NOT use EAP for authentication.
Dan.
___
IPsec mailing list
IPsec@ietf.org
Hi Dan,
On May 4, 2011, at 9:47 PM, Dan Harkins wrote:
On Tue, May 3, 2011 10:30 pm, Yoav Nir wrote:
[snip]
The Authenticator needs the true identity to make policy decisions.
Well then DO NOT use EAP for authentication.
Dan.
I'm sure I don't understand your point. The IKE
On Wed, May 4, 2011 12:11 pm, Yoav Nir wrote:
Hi Dan,
On May 4, 2011, at 9:47 PM, Dan Harkins wrote:
On Tue, May 3, 2011 10:30 pm, Yoav Nir wrote:
[snip]
The Authenticator needs the true identity to make policy decisions.
Well then DO NOT use EAP for authentication.
Dan.
I'm sure