[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Please help with answer to discrepancy question

To: jryder@vnet.ibm.com
Subject: Re: Please help with answer to discrepancy question
From: wdm@epoch.ncsc.mil (W. Douglas Maughan)
Date: Fri, 9 May 97 15:38:36 EDT
Cc: ipsec@tis.com
Sender: owner-ipsec@ex.tis.com

Jim,

> 1)
> 
> Hi. I believe I see a discrepancy between
> 
> <A>
> the figure shown in the
> <draft-ietf-ipsec-isakmp-oakley-03.txt>, section 5.7.1 'Phase 1 using
> Oakley Main Mode', the first collections of payloads
> 
> and
> 
> <B>
> the figure shown in the
> <draft-ietf-ipsec-isakmp-07.txt>, section 3.6 'Transform Payload'.
> 
> 
> <A> shows the RESERVED area of the Transform Payload (not the generic
> header RESERVED area), in both Transform 1 and 2 to be BETWEEN the
> 'Transform #' and the 'Transform-ID' fields. In example <A>, I am
> assuming that the 'OAKLEY' present in the field is the 'Transform-ID'. 
> 
> <B> shows the RESERVED2 area of the Transform Payload (not the generic
> header RESERVED area), to be FOLLOWING the 'Transform-ID'.
> 
> Question: Which is correct?
> 

I'll give you my interpretation, but we'll need to hear the same thing
from Dan Harkins and/or Dave Carrel (authors of the ISAKMP/Oakley
draft). If you look at section 4.1.1 of <B> you'll see two full
examples of the payloads. I think the drawing in <A> is leftover from
the format in the ISAKMP-05 or -06 Internet Draft. I believe the
agreement made between the ISAKMP, ISAKMP/Oakley, and IPSEC DOI I-D
editors was that the Transform # field and the Transform ID field were
together followed by the 2 octet RESERVED2 field. Again, we should hear
from Dan Harkins and/or Dave Carrel to make sure we're in agreement.

> 2) In <A> listed above in question 1), 'OAKLEY' is in the
> 'Transform-ID' field. I have looked in <A> and <B> but I do not find the
> transform id values listed anywhere. I also looked in the
> <draft-ietf-ipsec-ipsec-doi-02.txt> but I don't see anything that looks
> like a really good answer there either.
> 
> Question: Is the OAKLEY transform-id to use the KEY_OAKLEY (1) transform
>           value listed in section 4.4.2 'IPSEC ISAKMP Transform Values'
>           of the <draft-ietf-ipsec-ipsec-doi-02.txt> document?
> 

Again, we probably need to hear from Dan and/or Dave and Derrell Piper
(author of the IPSEC DOI I-D). All transform values are listed in the
IPSEC DOI I-D. I believe you are correct in saying that the Transform
ID is the value listed in section 4.2 of the IPSEC DOI I-D.

Dan/Dave/Derrell??? Any input?


Doug Maughan
wdm@tycho.ncsc.mil

Follow-Ups:

Re: Please help with answer to discrepancy question

From: Daniel Harkins <dharkins@cisco.com>

Prev by Date: Please help with answer to discrepancy question
Next by Date: INET'97
Prev by thread: Please help with answer to discrepancy question
Next by thread: Re: Please help with answer to discrepancy question
Index(es):
- Main
- Thread