Re: [Mip4] dynamic keys

To: "Jeremy A. Greene" <Jeremy at TataraSystems.com>
Subject: Re: [Mip4] dynamic keys
From: Henrik Levkowetz <henrik at levkowetz.com>
Date: Wed, 11 Feb 2004 01:33:42 +0100
Cc: <mip4 at ietf.org>, <aaa-wg at merit.edu>
In-reply-to: <87ED4812394BA14980CC352C3A7483CC816700@tatara.tatarasystems.com>
List-help: <mailto:mip4-request@ietf.org?subject=help>
List-id: Mobility for IPv4 <mip4.ietf.org>
List-post: <mailto:mip4@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/mip4>,<mailto:mip4-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/mip4>,<mailto:mip4-request@ietf.org?subject=unsubscribe>
References: <87ED4812394BA14980CC352C3A7483CC816700@tatara.tatarasystems.com>
Sender: mip4-admin at ietf.org

Hi Jeremy,

Tuesday 10 February 2004, Jeremy A. Greene wrote:
> So, it doesn't make the initial deployment any easier (if there's one
> HA), just ongoing use more secure. Each MN needs to be manually
> configured in some manually intensive secure manner and/or use a
> proprietary mechanism.
> 
> I guess I was looking more for a standardized server-side-only (aaa)
> configuration solution. More like the web, using server-side cert and
> client-side username/pw (over ssl).

But this is the same difference.  If you can distribute username/passwd
individually to users, you have your initial deployment shared secret,
no?

	Henrik

Attachment: pgp00082.pgp
Description: PGP signature

References:
- RE: [Mip4] dynamic keys
  - From: Jeremy A. Greene

Prev by Date: Re: [Mip4] dynamic keys
Next by Date: RE: [Mip4] dynamic keys
Previous by thread: RE: [Mip4] dynamic keys
Next by thread: Re: [AAA-WG]: RE: [Mip4] dynamic keys
Index(es):
- Date
- Thread

Re: [Mip4] dynamic keys

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.