[Users] Clarification of encryption/authentication

From: Sean McAvoy (smcavoy_at_megawheels.com)
Date: Tue Jan 07 2003 - 23:25:26 CET


I am looking for clarification on the various authentication/encryption
jargon :)
I think I've got it. I just want to make sure I'm using the right
terminology, now that I have to connect to other IPSec based VPNs
(namely Cisco's).

PSK, RSA Public Keys, and X.509 are authentication of the communicating
hosts. Is there encryption for the transmission of these, or is it just for
"Signing a message" for the other side to verify it's the correct host?
And if there is encryption for this, how (or can it at all) be
configured? This is "Phase one IKE (main mode exchange)".

Where does "Phase two IKE (quick mode exchange)" fit into this picture?

3DES, Blowfish, AES, etc. are used for the actual encryption of the
ESP Packets (and the keys negotiated for these are usually handled by
pluto using the IKE protocol, assuming the other side can use the same
cipher). This is "IPsec proper", the actual transmission of encrypted
data. If no cipher is specified, is 3DES assumed?

Thanks for help, in advance

-Sean

P.S. I've been RTFM for most of the afternoon... these are the questions
I came up with, after trying to be resourceful :)




This archive was generated by hypermail 2.1.5 : Wed Jan 08 2003 - 05:21:17 CET