[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject



Hell, all,

I am a new comer to ISAKMP and am a little confused about the two-phase
protocol:
	1. ISAKMP servers establishes ISAKMP SA, using existing shared
	   keys or public key technology.
	2. ISAKMP SA is used to negotiate other SAs.

What makes me confused is that in the page 15 of the
draft-ietf-ipsec-isakmp-10 (postscript version), only cookies appear
in the first phase.

Another question about IPSEC is about the SPI:
	ISAKMP SPI is the concatenation of the initiator and
	responder cookies. How about other SAs?  Is there any concrete
	examples about the generation of SPI of other SAs?

Thank you!

Xunhua