Re: [IPsec] I-D Action:draft-ietf-ipsecme-eap-mutual-04.txt
Yaron Sheffer <yaronf.ietf@gmail.com> Tue, 15 June 2010 05:02 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 146833A6A2D for <ipsec@core3.amsl.com>; Mon, 14 Jun 2010 22:02:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.299
X-Spam-Level:
X-Spam-Status: No, score=-1.299 tagged_above=-999 required=5 tests=[AWL=1.300, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8VsWRjrYzfeP for <ipsec@core3.amsl.com>; Mon, 14 Jun 2010 22:02:17 -0700 (PDT)
Received: from mail-wy0-f172.google.com (mail-wy0-f172.google.com [74.125.82.172]) by core3.amsl.com (Postfix) with ESMTP id 511163A6802 for <ipsec@ietf.org>; Mon, 14 Jun 2010 22:02:17 -0700 (PDT)
Received: by wya21 with SMTP id 21so775830wya.31 for <ipsec@ietf.org>; Mon, 14 Jun 2010 22:02:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=70V4yq4IX2DG1Qg1Iqm0k3e5Fyeoq4n9fgNFTmFHdP0=; b=TDi6PmJxp0tECWchSJScz0fH7f8om5F5B8ER8Zr51dx8l9ESDx+4AHhFSz4DXCtluA t1CT4oy2lusZoSBLWlmZSCgcdXzQ2PggLpe0sqhYN3T0gqlnxGvBcvOqHY8NpXTf5Q30 r5/1zHWT1iezyc6gOXdR9f4Uz7u9glKi4vww0=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=lC6dP77LzqUFiEEnDhZhauVmg8o9TIqJ9KAUbvlxplPhi9c5YuiTxRgdxMQMwBF9Gf y/lmzyLINpurH5fmYrgJTUrO34lbCdCIZYfhxlkgvqkIPEtFB48a276mMy5FmH4woY42 J+0ZwHVpaIEeOcJGIeuc+FbJ6PiojU57PUoBE=
Received: by 10.227.135.195 with SMTP id o3mr6512153wbt.120.1276578138086; Mon, 14 Jun 2010 22:02:18 -0700 (PDT)
Received: from [10.0.0.2] (bzq-79-178-30-177.red.bezeqint.net [79.178.30.177]) by mx.google.com with ESMTPS id y31sm42827912wby.22.2010.06.14.22.02.15 (version=SSLv3 cipher=RC4-MD5); Mon, 14 Jun 2010 22:02:16 -0700 (PDT)
Message-ID: <4C170954.709@gmail.com>
Date: Tue, 15 Jun 2010 08:02:12 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.9) Gecko/20100423 Lightning/1.0b1 Thunderbird/3.0.4
MIME-Version: 1.0
To: V Jyothi-B22245 <B22245@freescale.com>
References: <20100614191503.C33133A6936@core3.amsl.com> <402621A7D69DDA458D0E12F070D1E55F84BC65@zin33exm29.fsl.freescale.net>
In-Reply-To: <402621A7D69DDA458D0E12F070D1E55F84BC65@zin33exm29.fsl.freescale.net>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: ipsec@ietf.org
Subject: Re: [IPsec] I-D Action:draft-ietf-ipsecme-eap-mutual-04.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Jun 2010 05:02:19 -0000
Hi Jyothi, the proposed protocol is asymmetric. So you will need to make sure somehow that gw1 is always the initiator. Thanks, Yaron On 06/15/2010 06:44 AM, V Jyothi-B22245 wrote: > Hi, > > To my knowledge, each EAP method has client and server implementation. > > Suppose if there are two gateways: gw1 and gw2, gw1 has EAP client > implementation and gw2 has EAP server implementation. > Irrespective of IKEv2 acting as initiator or responder, can gw1 act as > only EAP client and gw2 act as only EAP server. > With this posted draft, is it possible to achieve this functionality. > > Thanks > Jyothi > > -----Original Message----- > From: ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] On Behalf > Of Internet-Drafts@ietf.org > Sent: Tuesday, June 15, 2010 12:45 AM > To: i-d-announce@ietf.org > Cc: ipsec@ietf.org > Subject: [IPsec] I-D Action:draft-ietf-ipsecme-eap-mutual-04.txt > > A New Internet-Draft is available from the on-line Internet-Drafts > directories. > This draft is a work item of the IP Security Maintenance and Extensions > Working Group of the IETF. > > > Title : An Extension for EAP-Only Authentication in > IKEv2 > Author(s) : P. Eronen, et al. > Filename : draft-ietf-ipsecme-eap-mutual-04.txt > Pages : 15 > Date : 2010-06-14 > > IKEv2 specifies that EAP authentication must be used together with > public key signature based responder authentication. This is necessary > with old EAP methods that provide only unilateral authentication using, > e.g., one-time passwords or token cards. > > This document specifies how EAP methods that provide mutual > authentication and key agreement can be used to provide extensible > responder authentication for IKEv2 based on methods other than public > key signatures. > > A URL for this Internet-Draft is: > http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-eap-mutual-04.txt > > Internet-Drafts are also available by anonymous FTP at: > ftp://ftp.ietf.org/internet-drafts/ > > Below is the data which will enable a MIME compliant mail reader > implementation to automatically retrieve the ASCII version of the > Internet-Draft. > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec
- [IPsec] I-D Action:draft-ietf-ipsecme-eap-mutual-… Internet-Drafts
- Re: [IPsec] I-D Action:draft-ietf-ipsecme-eap-mut… V Jyothi-B22245
- Re: [IPsec] I-D Action:draft-ietf-ipsecme-eap-mut… Yaron Sheffer