[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

getting off of this list

To: ipsec@lists.tislabs.com
Subject: getting off of this list
From: David Arrants <David@carefreecomputing.com>
Date: Tue, 28 Mar 2000 06:57:30 -0800
Sender: owner-ipsec@lists.tislabs.com

How can I get removed from this list ?


-----Original Message-----
From: pau@watson.ibm.com [mailto:pau@watson.ibm.com]
Sent: Monday, March 20, 2000 8:25 AM
To: ipsec@lists.tislabs.com; jtiller@lucent.com
Subject: Re: IKE Public Key Encryption



> 
> 
> Hello All,
> 
>  I know this has been discussed, and I attempted to find the previous
>  discussion in the list archives - needless to say, I was unsuccessful.
>  --------------------------Question---------------------
>  In the third message of MM with Public key authentication
>  (non-revised shown - but same issue for both):
> 
>        Initiator                        Responder
>       -----------                      -----------
>        HDR, SA                   -->
>                                  <--    HDR, SA
>        HDR, KE, [ HASH(1), ]
>           <IDi1_b>PubKey_r,
>            <Ni_b>PubKey_r        -->
>                                         HDR, KE, <IDr1_b>PubKey_i,
>                                  <--            <Nr_b>PubKey_i
>        HDR*, HASH_I              -->
>                                  <--    HDR*, HASH_R
> 
>   My question is about the use of HASH(1):
>   
>   "Where HASH(1) is the optional hash of the certificate which
>   contained Pubkey_r." <draft-ietf-ipsec-ike-01.txt>
>   
>   Shouldn't the [ HASH(1), ] be required? 

I would agree. At least our own experience showed that this makes
it much less ambiguous.

Pau-Chen

> 
>   ..........
> 
> Best regards,
> Jim
> 
> 
> 
> 
>

Prev by Date: Re: Heartbeats draft (fwd)
Next by Date: RE:
Prev by thread: IPsec and bandwidth sensitive applications
Next by thread: Open Source IPSec & accelerator cards
Index(es):
- Main
- Thread