Re: SecurID and FreeS/WAN GW

From: Kee Hinckley (nazgul@somewhere.com)
Date: 03/12/02


Date: Mon, 11 Mar 2002 22:22:45 -0500
To: Bennett Todd <bet@rahul.net>
From: Kee Hinckley <nazgul@somewhere.com>

At 4:39 PM -0500 3/8/02, Bennett Todd wrote:
>Unless there's been some recent development I haven't heard of,
>incorporating user authentication (like e.g. SecurID) into IPSec
>remains an open research problem. Any solution that's in use today
>is a special one-off ad-hoc hack. Such a hack is easy to make.

I wouldn't call it "open research". I was connecting to a Cisco
server just today using IPSec and SecurID. However I agree that
there doesn't seem to be a widely supported solution. I've never
been able to find an arbitrary VPN client that could use SecurID to a
server from a different vendor.

-- 

Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ nazgul@somewhere.com

I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's.