Position of certificate payload in IKE Aggressive Mode as Initiator

["jyothi" <vjyothi@intotoinc.com>]

Hi,
     Kindly clarify the following doubt.

     Scenario :  IKE Phase 1 Negotiation (Aggressive Mode) authenticated
with signatures
     As an Initiator, can the certificate payload be sent in first message
or is it mandatory to be sent in third message only. In the subsection
Certificate Payload of section ISAKMP Payloads contained in RFC 2408, the
following statement is present. "The Certificate Payload MUST be accepted at
any point during an exchange". I understand from this statement that the
responder has to accept Certificate payload either in first message or third
message, which in turn provides the base for the assunption that initiator
can send the certificate payload in first msg or third msg.

thanks
sankar

---

Follow-Ups:

• Re: Position of certificate payload in IKE Aggressive Mode as Initiator
• From: Ramana Yarlagadda <ramana@chiplogic.com>
• RE: Position of certificate payload in IKE Aggressive Mode as Initiator
• From: "Andrew Krywaniuk" <andrew.krywaniuk@alcatel.com>

---

• Prev by Date: Re: isakmp cookies field
• Next by Date: Re: Position statement on IKE development
• Prev by thread: problems in manual keying
• Next by thread: Re: Position of certificate payload in IKE Aggressive Mode as Initiator
• Index(es):
  • Main
  • Thread