[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: XAUTH is broken

To: ipsec@lists.tislabs.com, tjenkins@TimeStep.com
Subject: RE: XAUTH is broken
From: Joern Sierwald <joern.sierwald@datafellows.com>
Date: Fri, 23 Jul 1999 16:30:36 +0300
Sender: owner-ipsec@lists.tislabs.com

Conclusion:

Best way is a new exchange. It will work exactly as specified in
the xauth draft, except the exchange number in the ISAKMP headers will
be a new XAUTH number instead of cfg-mode.

A clarification: XAUTH ends with a SET and an ACK type packet. 
SET and ACK are used only at the end of the exchange. 
This way, the XAUTH exchange is not "open-ended",
it is just "variable length".

As I am ignorant of the procedures... Who picks the number?

Jörn

Prev by Date: RE: Secret public keys
Next by Date: RE: XAUTH is broken
Prev by thread: Re: XAUTH is broken
Next by thread: RE: XAUTH is broken
Index(es):
- Main
- Thread