[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on CRACK



"Steven M. Bellovin" wrote:
> 
> In message <3815F49E.BFABF7C9@xxxxxxxxx>, Roy Pereira writes:
> 
> >
> > Let me ask everyone who is interested;  How do we support existing
> > legacy user authentication within IKE without using a PKI ?
> 
> With a protocol that lets the customer download an encrypted private key/
> certificate pair from a server, followed by ordinary IKE.
> 
>                 --Steve Bellovin


Howdy ()
	<This note was sent to only the ipsra list>


	I always hate when people put words in my mouth, but just to make sure
I understand, are you saying that:

	A PKI, with per user granularity, 'MUST' be used to solve IPSec remote
access authentication?

-- 
####################################
#  Ricky Charlet
#	(510) 795-6903
#	rcharlet@xxxxxxxxxxxx
####################################

end Howdy;