[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Authentication Mechanism Matrix (was L2TP vs IPSEC)

To: <gwz@xxxxxxxxx>, <andrew.krywaniuk@xxxxxxxxxxx>, "'Ben McCann'" <bmccann@xxxxxxxxxxxxxx>
Subject: RE: Authentication Mechanism Matrix (was L2TP vs IPSEC)
From: "Andrew Krywaniuk" <andrew.krywaniuk@xxxxxxxxxxx>
Date: Mon, 19 Jun 2000 13:05:50 -0400
Cc: "'IPSRA list'" <ietf-ipsra@xxxxxxxx>
Importance: Normal
In-reply-to: <>
List-archive: <http://www.vpnc.org/ietf-ipsra/mail-archive/>
List-id: <ietf-ipsra.vpnc.org>
List-unsubscribe: <mailto:ietf-ipsra-request@vpnc.org?body=unsubscribe>
Reply-to: <andrew.krywaniuk@xxxxxxxxxxx>
Sender: owner-ietf-ipsra@xxxxxxxxxxxxx

Hi Glen,

> > Well, that was basically my point. None of the recent
> proposals have dealt
> > with the issue of authenticating both user and machine.

> Try L2TP/IPSec w/EAP-TLS.

I wasn't including that as a "recent proposal". I meant the more recent get
cert type drafts.

> > To be more precise, I should have asked: "What is the
> proposal for doing
> > this with user certs? Sign with both in MM5?"
>
> How can you authenticate a machine the same cert as the user?
>  Can't be
> done, i wouldn't think...

I meant if you had two different certs.

Andrew
--------------------------------------
Beauty with out truth is insubstantial.
Truth without beauty is unbearable.

Follow-Ups:
- RE: Authentication Mechanism Matrix (was L2TP vs IPSEC)
  - From: Hugo Krawczyk

References:
- RE: Authentication Mechanism Matrix (was L2TP vs IPSEC)
  - From: Glen Zorn

Prev by Date: RE: Authentication Mechanism Matrix (was L2TP vs IPSEC)
Next by Date: l2tp as ipsra solution
Previous by thread: RE: Authentication Mechanism Matrix (was L2TP vs IPSEC)
Next by thread: RE: Authentication Mechanism Matrix (was L2TP vs IPSEC)
Index(es):
- Date
- Thread