Thread: [Ipsec-tools-devel] Avoid multiple authentication
Brought to you by:
mit_warlord,
netbsd
From: krbmit s. <kr...@gm...> - 2011-08-29 10:34:29
|
Hi All, I was thinking to bring a Token concept in Ikev2 which will be Given by the responder, so that the session keys is bound to a life time and If the Key is still valid IKE_INIT can be skipped and IKE_AUTH is directly used even in the next sessions. Tokens= Session key + Life time. The above will save DH computation and key negotiation in case the session was aborted for some reason and if the client has multiple make break of sessions. The above will save multiple times of authentication of client who was already authenticated. Kindly share your views on token to be used has authenticators For multiple sessions. Thanks and Regards Naveen |