Re: UDP / Identifying ISAKMP message

[Michael Richardson <mcr@sandelman.ottawa.on.ca>]

-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "heilmann" == heilmann  <heilmann@iabg.de> writes:
    heilmann> two general questions concerning IPSec and ISAKMP:

    heilmann> 1.) How can the IP layer be determine if a certain IPv6
    heilmann> PDU is (part of) an ISAKMP message?

  protocol == UDP, port == 500. 

    heilmann> 2.) Are there any special reasons, why ISAKMP hasn't
    heilmann> simply been assigned a "Next Header" number for IPv6 -
    heilmann> so that it could run directly over IP itself?

  It was designed specifically to allow that kind of thing. I don't
think it has been assigned yet. Hilary had some reasons for UDP vs IP protocols.

]    Have encryption. Am travelling... looks like Pensylvania.  |1 Fish/2 Fish[
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |Red F./Blow F[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |strong crypto[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy");  [

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQBVAwUBNuNjLB4XQavxnHg9AQEjpQH/QgpGx4i/qw4z3m3hag6GUBScu4Li7Mfs
5/BUtNaRawSAhLns7G8P13I7Jjd8r+4nLZamx8bGTtNomibwBVZUjw==
=NnRY
-----END PGP SIGNATURE-----

---

Follow-Ups:

• Re: UDP / Identifying ISAKMP message
• From: Henry Spencer <henry@spsystems.net>

References:

• UDP / Identifying ISAKMP message
• From: "heilmann" <heilmann@iabg.de>

---

• Prev by Date: RE: (mobile-ip) RE: (IPng 7211) RE: Last Call: Mobility Support in IPv6 to Propos ed Standard
• Next by Date: Addendum: Address of list changing
• Prev by thread: UDP / Identifying ISAKMP message
• Next by thread: Re: UDP / Identifying ISAKMP message
• Index(es):
  • Main
  • Thread