[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on CRACK

> My problem with this is that this seems like a security administrators job
> to ensure that the strength of the authentication mechanisms be well chosen
> and secure.  There's a lot of ways that an administrator could shoot himself
> in the foot.  I know that doesn't justify giving them one more bullet to
> shoot themselves with.  However, I would like to hear everyone else's
> opinion on this.  Should the use of pre-shared keys be restricted in XAUTH
> (or whatever other protocol) because it encourages the use of weak
> pre-shared keys?

If we need to take shared-secret  out of XAUTH, then why not out of IKE
all together?

The point here is that XAUTH merely extends IKE and thus incorporates
all of its security (or lack of).  Why is shared-secret IKE different
than shared-secret XAUTH?

Let me ask everyone who is interested;  How do we support existing
legacy user authentication within IKE without using a PKI ?

BTW: I don't like group-shared-secrets, but I strongly beleive that the
customer has to choose what level of security they want themselves.  We
can definately suggest the best security, but in the end it is up to the
customer's paranoia level to determine their security requirements.