Re: [Emu] Question on EAP-IKEv2

To: Ali Fessi <ali.fessi at uni-tuebingen.de>
Subject: Re: [Emu] Question on EAP-IKEv2
From: Hannes Tschofenig <Hannes.Tschofenig at gmx.net>
Date: Sun, 04 May 2008 18:55:57 +0300
Cc: emu at ietf.org
Delivered-to: ietfarch-emu-web-archive at core3.amsl.com
Delivered-to: emu at core3.amsl.com
In-reply-to: <47FD1B3F.2050401@uni-tuebingen.de>
List-archive: <http://www.ietf.org/pipermail/emu>
List-help: <mailto:emu-request@ietf.org?subject=help>
List-id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-post: <mailto:emu@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
References: <47FD1B3F.2050401@uni-tuebingen.de>
Sender: emu-bounces at ietf.org
User-agent: Thunderbird 2.0.0.12 (Windows/20080213)

That's one reason.

The other one is to be able to have a strong password based mechanism.
When you reverse the roles of client and server then you allow the 
server to be authenticated first before you present your "password".

Finally, reversing the roles allows you to offer active user identity 
confidentiality.

Ciao
Hannes

Ali Fessi wrote:
> Hi,
>
> I wonder why the IKEv2 exchange in EAP-IKEv2 is initiated by the server.
>
> (See, RFC 5106, Page 7, Figure 1, message 3)
>
> Is the reason to save two messages, for example, compared to EAP-TLS?
>
> Best,
>   Ali
>
> _______________________________________________
> Emu mailing list
> Emu at ietf.org
> https://www.ietf.org/mailman/listinfo/emu
>   

_______________________________________________
Emu mailing list
Emu at ietf.org
https://www.ietf.org/mailman/listinfo/emu

Follow-Ups:
- Re: [Emu] Question on EAP-IKEv2
  - From: Gene Chang (genchang)

References:
- [Emu] Question on EAP-IKEv2
  - From: Ali Fessi

Prev by Date: Re: [Emu] EMU charter revision,
Next by Date: Re: [Emu] Question on EAP-IKEv2
Previous by thread: [Emu] Question on EAP-IKEv2
Next by thread: Re: [Emu] Question on EAP-IKEv2
Index(es):
- Date
- Thread

Re: [Emu] Question on EAP-IKEv2

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.