[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cookie exchange

To: <ipsec@tis.com>
Subject: Cookie exchange
From: "Sumit A. Vakil" <sumit_vakil@mw.3com.com>
Date: Thu, 22 Jan 1998 22:12:25 -0600
Sender: owner-ipsec@ex.tis.com

There's something in the ISAKMP draft version 8, that puzzles me:

Section 4.3:

"Additionally, none of the examples include an initial exchange of ISAKMP Headers (con-
taining initiator and responder cookies) which would provide protection
against clogging (see section 2.5.3)."

How do I interpret this? Does it meant that before doing, say, an Id protect exchange, cookies could be exchanged as described in the Oakley draft? So, the first message in an Id protect exchange could contain both the intiator and responder cookies? Are there implementations out there that actually work this way?

Thanks,

Sumit A. Vakil

3Com, Corporation

Prev by Date: some more issues on IPSEC
Next by Date: Re: Security Association Lifetimes in kbytes
Prev by thread: Re: some more issues on IPSEC
Next by thread: Re: Cookie exchange
Index(es):
- Main
- Thread