Re: [IPsec] New PAKE Criteria draft posted (def. of gateway)
"Kaz Kobara" <kobara_conf@m.aist.go.jp> Thu, 25 March 2010 23:40 UTC
Return-Path: <kobara_conf@m.aist.go.jp>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CC6473A69BF for <ipsec@core3.amsl.com>; Thu, 25 Mar 2010 16:40:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.04
X-Spam-Level: *
X-Spam-Status: No, score=1.04 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13, HELO_EQ_JP=1.244, HOST_EQ_JP=1.265]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dI-FKYTL3Qez for <ipsec@core3.amsl.com>; Thu, 25 Mar 2010 16:40:27 -0700 (PDT)
Received: from mx1.aist.go.jp (mx1.aist.go.jp [150.29.246.133]) by core3.amsl.com (Postfix) with ESMTP id 7EE7B3A683B for <ipsec@ietf.org>; Thu, 25 Mar 2010 16:40:27 -0700 (PDT)
Received: from rqsmtp1.aist.go.jp (rqsmtp1.aist.go.jp [150.29.254.115]) by mx1.aist.go.jp with ESMTP id o2PNenXU003071 for <ipsec@ietf.org>; Fri, 26 Mar 2010 08:40:49 +0900 (JST) env-from (kobara_conf@m.aist.go.jp)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=m.aist.go.jp; s=aist; t=1269560449; bh=cKmq1V4e4sbLpfVoIX/bEpz27dm3fy+nZRaA5vH0SvY=; h=From:Date:Message-ID; b=nTdsNzvgAtQS2McDB0dNS/wsi8dKnZTytdP64JYbhrG3uzHmUOF+FyxO/tUJBZlIf u/QXbAOWG+GknWkWj1N+yTCAiTgpepC67rGXXEVZTQ8alCEjEGqbCK4kUDOpNksRd8 gx3zz0At7bd6vUmASTjYfuT6juN76+seiqGv9A8I=
Received: from smtp3.aist.go.jp by rqsmtp1.aist.go.jp with ESMTP id o2PNemHp004445 for <ipsec@ietf.org>; Fri, 26 Mar 2010 08:40:48 +0900 (JST) env-from (kobara_conf@m.aist.go.jp)
Received: by smtp3.aist.go.jp with ESMTP id o2PNelkC006258 for <ipsec@ietf.org>; Fri, 26 Mar 2010 08:40:48 +0900 (JST) env-from (kobara_conf@m.aist.go.jp)
From: Kaz Kobara <kobara_conf@m.aist.go.jp>
To: ipsec@ietf.org
Date: Fri, 26 Mar 2010 08:40:51 +0900
Message-ID: <015701cacc74$9b0f3c20$d12db460$@aist.go.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcrMSajKfQlL1qC9RXauA2xWjjDOaQADzTAQAAbMQtA=
Content-Language: ja
Subject: Re: [IPsec] New PAKE Criteria draft posted (def. of gateway)
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Mar 2010 23:40:28 -0000
Hi Yaron > draft-sheffer-ipsecme-pake-criteria-02.txt says in Page 4 > "This document is limited to the use of password-based authentication to > achieve trust between gateways" I would like to make sure that "gateway" in this document does not encompass VPN clients and hosts, right? Kaz > -----Original Message----- > From: ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] On Behalf Of > Yaron Sheffer > Sent: Friday, March 26, 2010 3:31 AM > To: SeongHan Shin > Cc: IPsecme WG; Kazukuni Kobara > Subject: Re: [IPsec] New PAKE Criteria draft posted > > Hi Shin, > > Yes. For the typical remote access VPN, EAP is typically more useful. > Note that there is still need for strong password-based mutual > authentication EAP methods - but their home is the EMU working group. > > In addition, the IPsecME has another charter item designed to fit such > EAP methods (such as the future EAP-AugPAKE :-) into IKEv2. > > Please see again the group's charter, > http://tools.ietf.org/wg/ipsecme/charters. > > Thanks, > Yaron > > On 25.3.2010 20:07, SeongHan Shin wrote: > > Dear Yaron Sheffer, > > > > I have one question about the draft. > > > > draft-sheffer-ipsecme-pake-criteria-02.txt says in Page 4 > > "This document is limited to the use of password-based authentication > to > > achieve trust between gateways" > > > > Is this a consensus of this WG? > > > > Best regards, > > Shin > > > > On Thu, Mar 25, 2010 at 3:46 PM, Yaron Sheffer <yaronf.ietf@gmail.com > > <mailto:yaronf.ietf@gmail.com>> wrote: > > > > Hi, > > > > after the good discussion in Anaheim, and with the help of comments > > received on and off the list, I have updated the PAKE Criteria draft > > and posted it as > > > http://www.ietf.org/id/draft-sheffer-ipsecme-pake-criteria-02.txt. > > > > I have added a number of criteria, clarified others, and added > > numbering (SEC1-SEC6, IPR1-IPR3 etc.). > > > > Thanks, > > Yaron > > _______________________________________________ > > IPsec mailing list > > IPsec@ietf.org <mailto:IPsec@ietf.org> > > https://www.ietf.org/mailman/listinfo/ipsec > > > > > > > > > > -- > > ------------------------------------------------------------------ > > SeongHan Shin > > Research Center for Information Security (RCIS), > > National Institute of Advanced Industrial Science and Technology (AIST), > > Room no. 1003, Akihabara Daibiru 10F, > > 1-18-13, Sotokannda, Chiyoda-ku, Tokyo 101-0021 Japan > > Tel : +81-3-5298-2722 > > Fax : +81-3-5298-4522 > > E-mail : seonghan.shin@aist.go.jp <mailto:seonghan.shin@aist.go.jp> > > ------------------------------------------------------------------ > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec
- Re: [IPsec] New PAKE Criteria draft posted (def. … Kaz Kobara
- Re: [IPsec] New PAKE Criteria draft posted (def. … Dan Harkins
- Re: [IPsec] New PAKE Criteria draft posted (def. … Yaron Sheffer
- Re: [IPsec] New PAKE Criteria draft posted (def. … Yaron Sheffer
- Re: [IPsec] New PAKE Criteria draft posted (def. … Dan Harkins
- Re: [IPsec] New PAKE Criteria draft posted (def. … Kaz Kobara
- Re: [IPsec] New PAKE Criteria draft posted (def. … Dan Harkins
- Re: [IPsec] New PAKE Criteria draft posted (def. … Yaron Sheffer
- Re: [IPsec] New PAKE Criteria draft posted (def. … Yaron Sheffer
- Re: [IPsec] New PAKE Criteria draft posted (def. … Kaz Kobara
- Re: [IPsec] New PAKE Criteria draft posted (def. … Dan Harkins
- Re: [IPsec] New PAKE Criteria draft posted (def. … Dan Harkins
- Re: [IPsec] New PAKE Criteria draft posted (def. … Yaron Sheffer
- Re: [IPsec] New PAKE Criteria draft posted (def. … Yaron Sheffer
- Re: [IPsec] New PAKE Criteria draft posted (def. … Dan Harkins
- Re: [IPsec] New PAKE Criteria draft posted (def. … Kaz Kobara
- Re: [IPsec] New PAKE Criteria draft posted (def. … Yaron Sheffer
- Re: [IPsec] New PAKE Criteria draft posted (def. … Yaron Sheffer
- Re: [IPsec] New PAKE Criteria draft posted (def. … Kaz Kobara
- Re: [IPsec] New PAKE Criteria draft posted (def. … Yaron Sheffer
- Re: [IPsec] New PAKE Criteria draft posted (def. … Paul Hoffman
- Re: [IPsec] New PAKE Criteria draft posted (def. … Tero Kivinen
- Re: [IPsec] New PAKE Criteria draft posted (def. … Raj Singh
- Re: [IPsec] New PAKE Criteria draft posted (def. … Yaron Sheffer
- Re: [IPsec] New PAKE Criteria draft posted (def. … Raj Singh
- Re: [IPsec] New PAKE Criteria draft posted (def. … Yaron Sheffer