[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

QM optional payloads

To: "David W. Faucher" <dfaucher@lucent.com>
Subject: QM optional payloads
From: Tero Kivinen <kivinen@ssh.fi>
Date: Tue, 26 Sep 2000 23:33:42 +0300 (EET DST)
Cc: <ipsec@lists.tislabs.com>
In-Reply-To: <001a01c027c6$24c063d0$0101a8c0@mv.lucent.com>
Organization: SSH Communications Security Oy
References: <001a01c027c6$24c063d0$0101a8c0@mv.lucent.com>
Sender: owner-ipsec@lists.tislabs.com

David W. Faucher writes:
> Are optional payloads covered by the HASH3 payload 
> in a quick mode exchange?

The RFC is quite clear that the HASH(3) only contains value zero,
message id, and two nonces. It does not contain anything from the
actual final packet itself. So I think it currently does not include
any extra payloads you might put in the third message. 

> If commit bit processing is used, are they covered by HASH4?

There is no HASH(4) in that case. There will be normal HASH of rest of
the payloads, so that will include all payloads included in the
packet. 

> The text for HASH1 and HASH2 explicitly states that
> it covers the entire message but no such text exists
> for HASH3 (and HASH4).

The text doesn't say anything about HASH(4), and it doesn't even say
if the notification is going to be sent as part of quick mode or as a
separate informational exchange. 
-- 
kivinen@ssh.fi                               Work : +358 303 9870
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/

References:

QM optional payloads

From: "David W. Faucher" <dfaucher@lucent.com>

Prev by Date: CERT_REQ_PAYLOAD usage
Next by Date: RE: CERT_REQ_PAYLOAD usage
Prev by thread: QM optional payloads
Next by thread: CERT_REQ_PAYLOAD usage
Index(es):
- Main
- Thread