[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: draft-nordmark-multi6-threats-01.txt
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2004-06-10, at 14.53, Erik Nordmark wrote:
>
>> later on you ask:
>> "[TBD: Does one-way authentication, without mutual authentication,
>> add a
>> different class of applications?]"
>>
>> As i understand this section, the analysis is divided in two: first
>> the
>> initiator end and then the responding end.
>> The initiator, always care about the identity of the target, since it
>> wants to communicate with a given node. So. in this part you discuss
>> the possibility of using TLS to provide strong authentication of the
>> target
>> Next you discuss the responder p.o.v. and you discuss different
>> mechanisms that the responder can use to verify the initiator.
>>
>> So my reading is that responder verification and initiator
>> verification
>> are independent from one another and that the one way authentication
>> is
>> already considered in the analysis. am i missing something?
>
> Yes, you're right. Thanks for making that clear to me.
But doesn't one-way authentication without mutual authentication imply
a different trust model? I.e one end chooses to not to authenticate
while the other end does authenticate.
- - kurtis -
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
iQA/AwUBQMxdT6arNKXTPFCVEQK4MQCfXOiTv9ddX5k5zDbdjuj9/ZC3PyYAni8Y
QoXE6YFGCxi2sCFtrPkMK4+h
=4r2U
-----END PGP SIGNATURE-----