[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Question about ID types in IPSEC DOI

To: ddp@network-alchemy.com
Subject: Question about ID types in IPSEC DOI
From: Vipul Gupta <vgupta@nobel.Eng.Sun.COM>
Date: Thu, 25 Jun 1998 17:59:43 -0700 (PDT)
Cc: ipsec@tis.com, vipul.gupta@Eng.Sun.Com
Reply-To: Vipul Gupta <vgupta@nobel.Eng.Sun.COM>
Sender: owner-ipsec@ex.tis.com


  Section 4.6.2.12 of the IPSec DOI draft states:
  
  4.6.2.12 ID_KEY_ID

   The ID_KEY_ID type specifies an opaque byte stream which may be used
   to pass vendor-specific information necessary to identify which pre-
   shared key should be used to authenticate Aggressive mode
   negotiations.

  Am I correct in assuming that this does not preclude the use
  of ID_KEY_ID type identification when Main mode (rather than
  aggressive mode) is used in phase I.
  
  Amongst the following ID types mentioned in Section 4.6.2.1,
  are all of them valid for use in phase II as well?
  
       ID_IPV4_ADDR                        1
       ID_FQDN                             2
       ID_USER_FQDN                        3
       ID_IPV4_ADDR_SUBNET                 4
       ID_IPV6_ADDR                        5
       ID_IPV6_ADDR_SUBNET                 6
       ID_IPV4_ADDR_RANGE                  7
       ID_IPV6_ADDR_RANGE                  8
       ID_DER_ASN1_DN                      9
       ID_DER_ASN1_GN                      10
       ID_KEY_ID                           11

  Thanks for your time,
  
  vipul

Follow-Ups:

Re: Question about ID types in IPSEC DOI

From: "Derrell D. Piper" <ddp@network-alchemy.com>

Prev by Date: Re: Does IPsec undermine PKI?
Next by Date: Re: Question about ID types in IPSEC DOI
Prev by thread: Re: Does IPsec undermine PKI?
Next by thread: Re: Question about ID types in IPSEC DOI
Index(es):
- Main
- Thread