In message <>, Roy Pereira writes: > > Let me ask everyone who is interested; How do we support existing > legacy user authentication within IKE without using a PKI ? With a protocol that lets the customer download an encrypted private key/ certificate pair from a server, followed by ordinary IKE. --Steve Bellovin