[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: comments on Oakley test items

To: "'wdm@epoch.ncsc.mil'" <wdm@epoch.ncsc.mil>
Subject: RE: comments on Oakley test items
From: Greg Carter <greg.carter@entrust.com>
Date: Sun, 28 Sep 1997 17:17:44 -0400
Cc: "'ipsec@tis.com'" <ipsec@tis.com>
Sender: owner-ipsec@ex.tis.com

Hi Doug,

>Section 4.8 of ISAKMP-08 shows the values included in an Informational
>Exchange (notify or delete). This includes an ISAKMP Header (containing
>the M-ID) and the Notify Payload, described in section 3.15. This
>payload includes DOI, P-ID, and SPI. The data portion of the message is
>DOI specific (and you're right that DOIv3 doesn't have anything
>extra). The Message Type field gives the details of the message.
>
>Maybe I'm missing your point, but what isn't there that you need? Is
>there something that needs to be added to the ISAKMP draft or is it
>needed in the DOI draft?

The header of the ISAKMP info exchange now uses a unique M-ID to get
around IV sync problems.  Therefore there is no correlation between the
M-ID of the Quick Mode which is being rejected and the M-ID in the
Information exchange hdr.

In some situations a Quick Mode may be rejected before SPI/P-ID values
are learnt, therefore having a way to specify the M-ID of the rejected
Quick Mode would be beneficial.
Bye. 
----
Greg Carter, Entrust Technologies
greg.carter@entrust.com
Get FREE FIPS-140-1 Validated Crypto for the desktop
http://www.entrust.com/solo.htm

>

Prev by Date: Re: [Ottawa bakeoff feedback] problem with ESP Padding
Next by Date: [Survey] request for input -- October 1997 Survey
Prev by thread: RE: comments on Oakley test items
Next by thread: News on Pending US (Encryption) Legislation
Index(es):
- Main
- Thread