[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IKE Public Key Encryption

To: Henry Spencer <henry@spsystems.net>
Subject: Re: IKE Public Key Encryption
From: Jim Tiller <jtiller@lucent.com>
Date: Mon, 20 Mar 2000 14:44:18 -0500
CC: IP Security List <ipsec@lists.tislabs.com>
In-reply-To: <Pine.BSI.3.91.1000320122122.16265F-100000@spsystems.net>
Organization: Lucent
References: <Pine.BSI.3.91.1000320122122.16265F-100000@spsystems.net>
Reply-To: Jim Tiller <jtiller@lucent.com>
Sender: owner-ipsec@lists.tislabs.com

Hello Henry,

Yes - very true, and I eluded to that in a response I sent Pau-Chen,
in that I was assuming certificates - but the RFC does say
"certificates", so I stuck with that. Although, I completely agree with
your statement, however, the same issue does apply - how does the
responder know which private key to use?

Thankx for responding!

-jim

Monday, March 20, 2000, 12:22:29 PM, you wrote:

>>  In the third message of MM with Public key authentication...
>>   "Where HASH(1) is the optional hash of the certificate which
>>   contained Pubkey_r." <draft-ietf-ipsec-ike-01.txt>
>>   Shouldn't the [ HASH(1), ] be required? 

HS> Public keys aren't necessarily obtained from certificates.

HS>                                                           Henry Spencer
HS>                                                        henry@spsystems.net

References:

Re: IKE Public Key Encryption

From: Henry Spencer <henry@spsystems.net>

Prev by Date: Re: Heartbeats draft available
Next by Date: Re: IKE Public Key Encryption
Prev by thread: Re: IKE Public Key Encryption
Next by thread: Re: IKE Public Key Encryption
Index(es):
- Main
- Thread