Re: l2tp as ipsra solution

[Daniel Fox <dfox@xxxxxxxxxxxxxxxxxxxx>]

Chinna,

There are plenty of security conscious organizations that use PAP or CHAP.  PAP is
historical, but is still in widespread use.  CHAP is an active IETF protocol that
needs to be supported.  The cost of SecureID on a per-user basis far exceeds the
cost of a VPN, equipment and all.  These security conscious customers (using PAP
or CHAP) are willing to pay the extra cost of a VPN for the extra security it
provides, but the management cost of migrating to PKI all at once is a bitter
pill.

Our charter specifically mentions username/password as a legacy authentication
mechanism that needs to be supported.  I see no reason to change the charter.

"CHINNA N.R. PELLACURU" wrote:

>
>
> This is the kind of authentiction mechanisms, that *all* (atleast *all*
> security consious customers) are using currently. I don't think any
> security consious customer is using PAP or CHAP. I think these protocols
> are provided in the litrature for completeness (or from a historic
> perspective).
>

begin:vcard 
n:Fox;Daniel
tel;work:978-206-0405
x-mozilla-html:FALSE
url:http://www.ennovatenetworks.com
org:Ennovate Networks
adr:;;60 Codman Hill Road;Boxborough;MA;01719;USA
version:2.1
email;internet:dfox@xxxxxxxxxxxxxxxxxxxx
title:Principal Software Engineer
fn:Daniel Fox
end:vcard