[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: isakmp sa attributes

To: "'jpickering@phase2net.com'" <jpickering@phase2net.com>, "'ipsec@tis.com'" <ipsec@tis.com>
Subject: RE: isakmp sa attributes
From: Eric Hastings <ehastings@ire.com>
Date: Tue, 12 May 1998 11:44:16 -0400
Sender: owner-ipsec@ex.tis.com

I don't know if you had this answered, but anyway...

> My quess would be that the group type and field size attributes are only for
>private 
>groups and are therefore not required as part of the negotiation.  Is this
>correct? If so, what should be done if, for example, these attributes are
>included when specifying one of the 4 standard groups?

IKE states on page 6:

 Group attributes (such as group type or prime--
   see Appendix A) MUST NOT be offered in conjunction with a previously
   defined group (either a reserved group description or a private use
   description that is established after conclusion of a New Group Mode
   exchange).

So, I guess you could decide that a proposal providing attributes along
with a pre-defined group is an invalid proposal.

Eric Hastings
>
>

Prev by Date: drafts -- AH, ESP, Arch
Next by Date: Re: Some questions
Prev by thread: Re: drafts -- AH, ESP, Arch
Next by thread: 40bit DES?
Index(es):
- Main
- Thread