[Openswan dev] Re: [Openswan Users] [PATCH]
openswan-1.0.0-roadwarrior-psk-rsa.diff
Andreas Steffen
andreas.steffen at strongsec.net
Sat Mar 13 11:29:58 CET 2004
Michael Richardson wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
>
> Or is the point to authenticate some RWs with PSK and others with
> RSA?
>
Yes this is the point. Up to now PSK and RSA roadwarrior connections
could not coexist since the first tentative rw connection was
chosen arbitrarily either accepting a PSK peer or an RSA peer.
Mathieu implemented an ISAKMP lookahead for packet MI1 which
finds out whether the peer desires PSK or RSA based authentication.
> - --
> ] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
> ] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
> ] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
> ] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.2 (GNU/Linux)
> Comment: Finger me for keys
>
> iQCVAwUBQFJ1DoqHRg3pndX9AQGF1gQA1BlDyXq0FDeT0VI8JIH4x84VemsSO21s
> FIzGPV+q57ol8nlrNcLvMNiPSArQXFA/dqd+U20+XZO5FF1zUPVUj1o40+RvYLOF
> oxnBHiXRYUonR/f1LPoIiVlN7sPmtdKvb+lhOqV9Mg1EPtPM5IxisETefYv9WoOv
> +mQVIZIlqvQ=
> =aewr
> -----END PGP SIGNATURE-----
Regards
Andreas
=======================================================================
Andreas Steffen e-mail: andreas.steffen at strongsec.com
strongSec GmbH home: http://www.strongsec.com
Alter Zürichweg 20 phone: +41 1 730 80 64
CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65
==========================================[strong internet security]===
More information about the Dev
mailing list