[Swan-dev] [IPsec] Mandatory Public Key based authentication with EAP (fwd)

Paul Wouters paul at nohats.ca
Sun Nov 2 01:37:58 EET 2014

---------- Forwarded message ----------
Date: Mon, 22 Sep 2014 10:30:17
From: Yaron Sheffer <yaronf.ietf at gmail.com>
To: Tero Kivinen <kivinen at iki.fi>, ipsec at ietf.org,
     Rahul Vaidya <rahul.stds at gmail.com>
Subject: Re: [IPsec] Mandatory Public Key based authentication with EAP

So for the record, I do think we should add to RFC 5996, at the end of the 
paragraph that starts with "An implementation using EAP MUST also use a 
public-key-based" something like:

As an exception to this rule, public key authentication of the server is not 
required when using the extension defined in [RFC5998].


On 09/22/2014 02:59 PM, Tero Kivinen wrote:
> As there has not been any support in the list to add anything like
> this to the draft-kivinen-ikev2-rfc5996bis, I assume we do not then
> need to change it.

IPsec mailing list
IPsec at ietf.org

More information about the Swan-dev mailing list