
DOIs




In the ISAKMP header we have:

    Init Cookie
    Resp Cookie
    Next Payload
    Ver ..
    Exchange Type
    Flags
    Message ID
    Length

Now, Exchange types are DOI-specific?
Payload ordering/validity is exchange-specific?

IMHO the ISAKMP header format should be:

    Destination SPI (or Cookie if you really believe they are useful?)
    Source SPI (ditto) [SPIs being 4 octet fields]
    DOI [2 octets]
    Version [1 octet]
    Exchange type [1 octet]
    Next Payload [1 octet]
    Message ID [2 octets]
    Flags [1 octet]
    Length [4 octets]


Processing the ISAKMP header:-

    Validate SPIs/Cookies
    Test if DOI supported
    Test if this version of the DOI is supported
    Test if Exchange type is supported by this DOI
    Test if Next Payload is legal for this Exchange
    Flags
    Message ID
    Length

The ISAKMP header MUST be mandatory for ALL DOIs.

This, IMHO, is a more natural processing order?

Also, assuming that DOIs have their own SPI name space and protocol
ID name space, having the DOI in the mandatory ISAKMP header
will identify which SA Delete messages actually relate to?

Leaving the situation Identifier in the SA payload would seem
reasonable since the SA proposals, effectively encapsulated by the SA
payload header, are all being established for the same situation.
If I am not missing anything, it is only at this level of processing
that it becomes necessary to know the situation.





****************************************************

Elfed T. Weaver
Defence Research Agency
Malvern
UK

weaver@hydra.dra.hmg.gb
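
Added example (not part of the original message): a Python sketch that parses the 20-octet header layout proposed above and applies the checks in the order the post lists, returning the first one that fails. The SPI pair and the DOI, version, exchange and payload numbers are constructed placeholders, not assigned values, and Length is assumed to cover the header plus payloads.

```python
import struct

# Field layout from the proposal: 4+4+2+1+1+1+2+1+4 = 20 octets, network order.
HEADER = struct.Struct(">IIHBBBHBI")
NAMES = ("dst_spi", "src_spi", "doi", "version", "exchange",
         "next_payload", "message_id", "flags", "length")

# Constructed policy tables (hypothetical numbers, not assigned values).
KNOWN_SPIS = {(0x11111111, 0x22222222)}   # (destination SPI, source SPI)
# doi -> version -> exchange type -> payloads legal as the first payload
DOI_TABLE = {1: {1: {2: {1, 5}, 4: {8}}}}

def check_header(datagram):
    """Return (verdict, fields); verdict is 'ok' or the first check that failed."""
    if len(datagram) < HEADER.size:
        return "truncated", None
    f = dict(zip(NAMES, HEADER.unpack_from(datagram)))
    # Checks run in the order the post lists them.
    if (f["dst_spi"], f["src_spi"]) not in KNOWN_SPIS:
        return "unknown SPI pair", f
    versions = DOI_TABLE.get(f["doi"])
    if versions is None:
        return "unsupported DOI", f
    exchanges = versions.get(f["version"])
    if exchanges is None:
        return "unsupported DOI version", f
    legal_payloads = exchanges.get(f["exchange"])
    if legal_payloads is None:
        return "exchange not defined by this DOI", f
    if f["next_payload"] not in legal_payloads:
        return "payload illegal for this exchange", f
    # Flags and Message ID are passed on to the exchange; only Length is
    # checked here (assumption: it counts header plus payloads).
    if f["length"] != len(datagram):
        return "length mismatch", f
    return "ok", f

def build(dst, src, doi, ver, exch, nxt, msg_id, flags, body=b""):
    """Build a constructed test datagram with a correct Length field."""
    return HEADER.pack(dst, src, doi, ver, exch, nxt, msg_id, flags,
                       HEADER.size + len(body)) + body

if __name__ == "__main__":
    good = build(0x11111111, 0x22222222, 1, 1, 2, 5, 7, 0, b"\x00" * 8)
    print(check_header(good)[0])
    print(check_header(build(0x11111111, 0x22222222, 9, 1, 2, 5, 7, 0))[0])
```

Because the DOI sits in the fixed header, the lookup of exchange types and legal payloads can be keyed on it before any payload is parsed.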