DOIs

In the ISAKMP header we have:

    Init Cookie
    Resp Cookie
    Next Payload
    Ver ..
    Exchange Type
    Flags
    Message ID
    Length

Now, Exchange types are DOI specific?
Payload ordering/validity is exchange specific?

IMHO the ISAKMP header format should be:

    Destination SPI (or Cookie if you really believe they are useful?)
    Source SPI (ditto) [SPIs being 4 octet fields]
    DOI [2 octets]
    Version [1 octet]
    Exchange type [1 octet]
    Next Payload [1 octet]
    Message ID [2 octets]
    Flags [1 octet]
    Length [4 octets]

Processing the ISAKMP header:

    Validate SPIs/Cookies
    Test if DOI supported
    Test if this version of the DOI is supported
    Test if Exchange type is supported by this DOI
    Test if Next Payload is legal for this Exchange
    Flags
    Message ID
    Length

The ISAKMP header MUST be mandatory for ALL DOIs.
This, IMHO, is a more natural processing order?

Also, assuming that DOIs have their own SPI name space and protocol
ID name space, having the DOI in the mandatory ISAKMP header
will identify which SA Delete messages actually relate to?

Leaving the situation Identifier in the SA payload would seem
reasonable since the SA proposals, effectively encapsulated by the SA
payload header, are all being established for the same situation.
If I am not missing anything, it is only at this level of processing
that it becomes necessary to know the situation.

****************************************************
Elfed T. Weaver
Defence Research Agency
Malvern
UK
weaver@hydra.dra.hmg.gb
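
The processing order proposed in the message above, as an added Python example that is not part of the original post: it parses the suggested 20-octet header and rejects a message at the first failed test. The DOI table, flag mask, SPI rules and sample values are constructed assumptions, not taken from any ISAKMP specification.

```python
import struct

# Layout proposed in the message, network byte order, 20 octets in total:
# dst SPI(4) src SPI(4) DOI(2) version(1) exchange(1) next payload(1)
# message ID(2) flags(1) length(4)
HDR = struct.Struct(">IIHBBBHBI")

# Hypothetical registry (constructed values, not from any specification):
# DOI -> version -> exchange type -> set of legal first payloads.
DOI_TABLE = {1: {1: {2: {1, 4}, 4: {8}}}}
KNOWN_FLAGS = 0x03  # assumption: only the two low flag bits are defined


def check_header(datagram, known_spis):
    """Return (ok, reason), testing fields in the order the message proposes."""
    if len(datagram) < HDR.size:  # needed before any field can be read
        return False, "truncated header"
    (dst, src, doi, ver, exch, nxt,
     msg_id, flags, length) = HDR.unpack_from(datagram)
    # Assumption: dst 0 means "no SA yet"; src must always be non-zero.
    if src == 0 or (dst != 0 and dst not in known_spis):
        return False, "bad SPI"
    if doi not in DOI_TABLE:
        return False, "unsupported DOI"
    if ver not in DOI_TABLE[doi]:
        return False, "unsupported DOI version"
    exchanges = DOI_TABLE[doi][ver]
    if exch not in exchanges:
        return False, "exchange type not defined for DOI"
    if nxt not in exchanges[exch]:
        return False, "next payload illegal for exchange"
    if flags & ~KNOWN_FLAGS:
        return False, "reserved flag bits set"
    # msg_id is left to the exchange state machine; the message names no test.
    if length != len(datagram):
        return False, "length field does not match datagram"
    return True, "ok"


def build(dst, src, doi, ver, exch, nxt, msg_id, flags, body=b""):
    """Build a constructed sample message with a consistent Length field."""
    total = HDR.size + len(body)
    return HDR.pack(dst, src, doi, ver, exch, nxt, msg_id, flags, total) + body


if __name__ == "__main__":
    sample = build(0x1111, 0x2222, 1, 1, 2, 1, 7, 0, b"\x00" * 8)
    print(check_header(sample, {0x1111}))
```

Because the DOI, version and exchange type are tested before the next payload is looked at, a message for an unsupported DOI is dropped without any payload parsing.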