[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Aggressive/Base Mode Signature Queries



Tero,

Thanks for the response, but this answer seems to contradict

   The
   responder to the Certificate Request payload MUST send its
   certificate, if certificates are supported, based on the values
   contained in the payload.

from p 34 Section "3.10 Certificate Request Payload" from RFC 2408, the
ISAKMP spec. The peer asked for a cert signed by C2, not C1. I don't follow
why the initiator gets to ignore the MUST in the above sentence in this
particular circumstance.

-- Jesse

-----Original Message-----
From: Tero Kivinen [mailto:kivinen@ssh.fi]
Sent: Saturday, January 06, 2001 1:43 PM
To: Walker, Jesse
Cc: ipsec@lists.tislabs.com
Subject: Aggressive/Base Mode Signature Queries


Walker, Jesse writes:
> (1)	HDR, SA, KE, Ni, IDii(A1), CertReq(C1) ---->
> (2)	<---- Hdr, SA, KE, Nr, IDrr(B1), Cert(B1,C1), Sig(B1), CertReq(C2)
> In the third message the protocol says you are supposed to send
> (3)	HDR, Sig(A2), Cert(A2,C2) ---->

No. You are supposed to send

(3) HDR, Sig(A1), Cert(A1,C1) ---->

The signature must be using the certificate that matches the identity
you already sent. If the responder does not trust the C1, then it will
reject the negotiation. If it trusts C1, then the negotiation will
succeed. 

If you selecteded wrong CA in the first place, then you need to use
main mode instead of aggressive mode. Aggressive mode does not offer
you an option to negotiate which CA to use.
-- 
kivinen@ssh.fi                               Work : +358 303 9870
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/



Follow-Ups: