[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: The world according to MCR
>>>>> "Dan" == Dan Harkins <firstname.lastname@example.org> writes:
Dan> Why not? The authenticating hash payloads and SKEYID
Dan> generation could be changed to fix this "problem". The
Dan> Initiator sends the vendor ID payload in the first
Dan> message. If the Responder recognizes this (and assuming
Dan> implicit acceptance of this capability) he'll respond with
Dan> his vendor ID payload with the rest of his message, the
First, sending of a vendor ID payload is not dependant upon
receiving anything, and does not imply acceptance of the other's
vendor ID payload.
Second, the intention was that the vendor ID payload had to be
*received* before one could *send* using the private number space.
Kivinen had a different idea, and I'd like to get three or four
brains together and has out some better text.
] At IETF44 in Minneapolis, MN | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] email@example.com http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [