Download presentation
Presentation is loading. Please wait.
1
PANA enabling IPsec based Access control
draft-ietf-pana-ipsec-00.txt Mohan Parthasarathy There were 2 revisions since last ietf. 7/14/2003 IETF57
2
Open Issues Use of IPsec tunnel mode instead of transport mode. Draft has been modified to use tunnel mode instead of IP-IP transport mode. Pre-shared key derivation for IKE. Pre-shared key = HMAC-SHA-1 (MSK | “IKE Pre-shared key” | PANA session ID) 7/14/2003 IETF57
3
Open Issues (contd…) What to do if MSK is updated because of re-authentication ? Suggestions proposed : - Update IKE SA to use the new MSK - Update IKE SA to use the new MSK when IKE SA expires. - IKE SA always uses the old MSK. Option (2) : Update when IKE SA expires ? 7/14/2003 IETF57
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.