Re: I can't underestand IKE Authentication!
- From: "Gaurav Kumar" <gauravphoenix@xxxxxxxxx>
- Date: Mon, 29 Oct 2007 08:59:23 +0530
ArshinK,
Information at http://technet2.microsoft.com/windowsserver/en/library/47b6a8a2-c239-4264-ae23-9b220391293c1033.mspx?mfr=true might help you.
---
Gaurav Kumar
Security Consultant
http://blogs.technet.com/gauravphoenix/
"ArshinK" <ArshinK@xxxxxxxxx> wrote in message news:eFWlAAYGIHA.4880@xxxxxxxxxxxxxxxxxxxxxxx
Hi
I have a problem when trying to understand Certificate-Authententication in IKE.
The problem is that when we take an IPSec-certificates from CA and install them in the Principal's-Store, it doesn't matter to what name we use for Subject-Field.
So how it protects against Man-in-the-Middle Attack? as it is possible for attacker to take a certificate with an optional name from the same CA and performs a successful authentication?
In other word, what attribute (except that Subject) in the certificate exactly determines the identification of other principal?
It is clear for me when using the Authentication Process in Kerberos or Pre-Shared-Key but not about Certificate when no field in the certificate is related to other principal!
Please help !
Thanks
.
- Follow-Ups:
- Re: I can't underestand IKE Authentication!
- From: ArshinK
- Re: I can't underestand IKE Authentication!
- References:
- I can't underestand IKE Authentication!
- From: ArshinK
- I can't underestand IKE Authentication!
- Prev by Date: I can't underestand IKE Authentication!
- Next by Date: Re: Certificate Services problem acroos firewall
- Previous by thread: I can't underestand IKE Authentication!
- Next by thread: Re: I can't underestand IKE Authentication!
- Index(es):
Relevant Pages
|
|
