[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ISAKMP/Oakley resolution draft question



My apologies for repeating a question I had asked about a month ago,
but given the noise level on the list at the time, I can understand
how it got lost in the shuffle...

In the latest (-04) version of the ISAKMP/Oakley resolution draft,
the last message of Aggressive Mode (regardless of the authentication
method) is always unencrypted.  This seems to counter the base
ISAKMP (-08) draft, where the last message of Aggressive Mode is
encrypted.  But there is some text in section 5 of the resolution
draft (at the top of page 7) which seems to justify the lack of
encryption.

Is this correct?  If so, then how does one calculate the IV required
for the first Quick Mode message after using Aggressive Mode, given
that there will be no CBC output block from phase 1 (see appendix B)?

Thanks in advance...

-Shawn Mamros
E-mail to: smamros@newoak.com