XAUTH was proposed, but it died. Then if a remote initiator wants to build a SA with a responser, how do they authenticate each other without pre-shared key? Please help, Thanks. _________________________________________________________ Do You Yahoo!? "是IT精英吗?小试牛刀获时尚大奖!" http://cn.promo.yahoo.com/cgi-bin/udb/u