This draft proposes an IKEv2 extension to allow mutual EAP-based authentication
in IKEv2, eliminating the need for one of the peers to present a certificate.
This applies to a small number of key-generating EAP methods that allow mutual
authentication.
Proposed starting point:
http://tools.ietf.org/id/draft-eronen-ipsec-ikev2-eap-auth-07.txt.
Please reply to the list:
- If this proposal is accepted as a WG work item, are you committing to review
multiple versions of the draft?
- Are you willing to contribute text to the draft?
- Would you like to co-author it?
Please also reply to the list if:
- You believe this is NOT a reasonable activity for the WG to spend time on.
If this is the case, please explain your position. Do not explore the fine
technical details (which will change anyway, once the WG gets hold of the
draft); instead explain why this is uninteresting for the WG or for the
industry at large. Also, please mark the title clearly (e.g. "DES40-export in
IPsec - NO!").
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
