Skip to main content

User-level Authentication Mechanisms for IPsec
draft-kelly-ipsra-userauth-00

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Jim Knowles , Dr. Bernard D. Aboba , Scott G. Kelly
Last updated 1999-10-18
RFC stream (None)
Intended RFC status (None)
Formats
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

IPsec, when used with IKE [RFC2409], provides for authentication of endpoints from the device level to the user level. However, there has been movement within the IPsec development community to provide additional support for legacy user-level authentication mechanisms such as those supported by RADIUS [RFC2138]. At least 2 approaches to this problem have been proposed thus far, both using the same basic underlying framework, but that underlying framework relies upon extending IKE in ways that may not be prudent. This document proposes an alternative approach which provides much of the same functionality without requiring any modification to the existing IPsec framework.

Authors

Jim Knowles
Dr. Bernard D. Aboba
Scott G. Kelly

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)