Multiple Authentication Exchanges in the Internet Key Exchange (IKEv2) Protocol
Author(s) - P. Eronen, Jouni Korhonen
Publication year - 2006
Publication title - rfc
Language(s) - English
Resource type - Reports
DOI - 10.17487/rfc4739
Subject(s) - key exchange, computer network, computer science, authentication (law), computer security, key (lock), protocol (science), the internet, ipsec, authentication protocol, internet privacy, world wide web, encryption, public key cryptography, medicine, alternative medicine, pathology
The Internet Key Exchange (IKEv2) protocol supports several mechanisms for authenticating the parties, including signatures with public-key certificates, shared secrets, and Extensible Authentication Protocol (EAP) methods. Currently, each endpoint uses only one of these mechanisms to authenticate itself. This document specifies an extension to IKEv2 that allows the use of multiple authentication exchanges, using either different mechanisms or the same mechanism. This extension allows, for instance, performing certificate-based authentication of the client host followed by an EAP authentication of the user. When backend authentication servers are used, they can belong to different administrative domains, such as the network access provider and the service provider. This memo defines an Experimental Protocol for the Internet community.