> For what it's worth, the possibility of this general type of attack was
> repeatedly discussed in the IPsec working group and is a major reason
> why XAUTH was abandoned. The particular password-stealing attack that I
> describe as been widely discussed among IKE impl...
> For what it's worth, the possibility of this general type of attack was
> repeatedly discussed in the IPsec working group and is a major reason
> why XAUTH was abandoned. The particular password-stealing attack that I
> describe as been widely discussed among IKE impl...
[ more ]