[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Comments on draft-ietf-ipsec-ike-01.txt (long)
> 3) Acknowledged Information Exchange
>
> I'm glad to see this was added. The use of an acknowledged delete mechanism
> will go a long way to improve SA management.
>
> How does an implementation know when a peer supports this exchange? It seems
> to me that instead of giving it its own exchange number, all that's been
> done is the addition of a Nonce payload to the existing informational
> exchange.
It has its own exchange number:
----------------------------------------------------------------------
Additional Exchanges Defined-- XCHG values
Quick Mode 32
New Group Mode 33
Acknowledged Informational 34
----------------------------------------------------------------------
So if other end returns invalid exchange type, then it doesn't support
it...
--
kivinen@iki.fi Work : +358-9-4354 3218
SSH Communications Security http://www.ssh.fi/
SSH IPSEC Toolkit http://www.ssh.fi/ipsec/
References: