[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: proposed changes to ISAKMP/Oakley
- To: ipsec@tis.com
- Subject: Re: proposed changes to ISAKMP/Oakley
- From: Daniel Harkins <dharkins@cisco.com>
- Date: Mon, 13 Oct 1997 13:35:30 -0700
- In-Reply-To: Your message of "Mon, 13 Oct 1997 14:52:24 EDT." <199710131852.OAA09044@carp.morningstar.com>
- Sender: owner-ipsec@ex.tis.com
I receive a unicast mail (not sent to the list) suggesting new terminology
when describing ISAKMP payloads. The existing terminology overloads a single
payload identifier: Ni is represented as the entire message including the
ISAKMP generic header and it's also represented as just the body of the
payload-- the nonce itself. This is confusing.
The suggestion is to say that b<P> means the body of the message only
and not including the generic header. There is already limited notation
to describe the body of the SA payload-- SAp-- but that too is somewhat
confusing. I'd rather not precede the payload notation with a qualifier
so, unless there is opposition, I'll change the notation to use the
trailing '_b' to define just the body of the payload.
Ni is the entire nonce, generic header and all.
Ni_b is just the nonce, no generic header.
IDii_b is the ID minus the generic header. This works nicely as
it includes the type, port and protocol by definition and
that information must be included in HASH_I and HASH_R now.
Dan.