l2tp as ipsra solution
Glen Zorn wrote:
>
> Moshe Litvin [mailto:moshe@xxxxxxxxxxxxxx] writes:
>
> > > > I didn't say the user authentication is useless. But the user
> > > > authentication of PPP in the combination L2TP+IPsec is done AFTER
> > > > the SAs are established. If a complete authentication was done in IKE,
> > > > then further authentication is useless. If no authentication (or weak
> > > > authentication) was done in IKE, then the PPP authentication is open to
> > > > attacks, so it is useless (or at least has VERY limited use).
> > >
> > > Hmm. The only widespread implementation of L2TP/IPSec tunneling of which
> > > I'm aware uses public key authentication in IKE. Are you saying that this
> > > leaves PPP authentication open to attacks?
> >
> > No. In this case I think that the PPP authentication is useless, since a
> > stronger one was performed (the certificate). I think that the case where the
> > machine should be authenticated separately from the user is extremely rare.
>
> The cert used in IKE _is_ a machine certificate; the user is authenticated
> via PPP (possibly with PK as well). Access control is also applied by PPP,
> based upon the user identity. IPSec is just used to protect the data sent
> across the intervening, untrusted network.
>
Our charter requires us to "provide user authentication to *IKE*".
User authentication in the L2TP-based solution is supplied by PPP, and is never
transferred to IKE. This solution does not provide a solution to our
requirements. The L2TP+IPsec discussion is irrelevant to this group, and should
be stopped on this mailing list.
Sara.