[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Question about ID types in IPSEC DOI
Section 4.6.2.12 of the IPSec DOI draft states:
4.6.2.12 ID_KEY_ID
The ID_KEY_ID type specifies an opaque byte stream which may be used
to pass vendor-specific information necessary to identify which pre-
shared key should be used to authenticate Aggressive mode
negotiations.
Am I correct in assuming that this does not preclude the use
of ID_KEY_ID type identification when Main mode (rather than
aggressive mode) is used in phase I.
Amongst the following ID types mentioned in Section 4.6.2.1,
are all of them valid for use in phase II as well?
ID_IPV4_ADDR 1
ID_FQDN 2
ID_USER_FQDN 3
ID_IPV4_ADDR_SUBNET 4
ID_IPV6_ADDR 5
ID_IPV6_ADDR_SUBNET 6
ID_IPV4_ADDR_RANGE 7
ID_IPV6_ADDR_RANGE 8
ID_DER_ASN1_DN 9
ID_DER_ASN1_GN 10
ID_KEY_ID 11
Thanks for your time,
vipul
Follow-Ups: