Hi,
We have published a new version of 'IKEv2 Redirect based Authentication
Offload and Proxy Session Resumption'
(draft-padmakumar-ikev2-redirect-and-auth-offload-02).
The draft may be accessed at:
http://tools.ietf.org/html/draft-padmakumar-ikev2-redirect-and-auth-offload-02
Abstract:
IKE
Hi,
We have published a new version of the IKEv2 Redirect and Authentication
Offload draft (draft-padmakumar-ikev2-redirect-and-auth-offload-01).
The draft may be accessed at:
http://www.ietf.org/internet-drafts/draft-padmakumar-ikev2-redirect-and-auth-offload-01.txt
Abstract:
IKEv2 supports mu
.
I'd like to have comments on this.
Thanks and Regards,
Padmakumar
-Original Message-
From: IETF I-D Submission Tool [mailto:idsubmiss...@ietf.org]
Sent: Thursday, July 09, 2009 7:28 PM
To: Padmakumar Av (paav)
Cc: Manikchand Bafna (manikrb); Pratima Sethi (psethi)
Subject: New Ve
th anycast address and fall back to some other VPN gateway for connection.
>
> Thanks,
> Raj
>
>
>
>
> On Thu, Jul 2, 2009 at 8:28 AM, Padmakumar AV wrote:
>
>> Hi Raj,
>> The case I mentioned is with usage of redirect during init exchange
>> destined t
ECTs.
> Draft has a mention of this scenario in Section 10.
>
> With Regards,
> Raj
>
>
> On Wed, Jul 1, 2009 at 4:24 PM, Padmakumar AV wrote:
>
>> Hi Vijay,
>>
>> I have a doubt regarding the usage of redirect during INIT exchange.
>>
>> A
Hi Vijay,
I have a doubt regarding the usage of redirect during INIT exchange.
An attacker in between spoke and hub spoofs the init exchange to anycast
address and then redirects it to another FAKE-HUB1 by specifying unicast
address of the FAKE-HUB1. FAKE-HUB1 subsequently redirects it to FAKE-HU