[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Position of certificate payload in IKE Aggressive Mode as Initiator

To: "jyothi" <vjyothi@intotoinc.com>, <ipsec@lists.tislabs.com>
Subject: Re: Position of certificate payload in IKE Aggressive Mode as Initiator
From: Ramana Yarlagadda <ramana@chiplogic.com>
Date: Fri, 10 Aug 2001 10:35:41 -0700
Cc: kalyan_bade@yahoo.com
In-Reply-To: <008e01c120c8$3ce25b20$700110ac@roc.com>
Sender: owner-ipsec@lists.tislabs.com

Jyothi

At 05:11 PM 8/9/01 +0530, jyothi wrote:
>Hi,
>      Kindly clarify the following doubt.
>
>      Scenario :  IKE Phase 1 Negotiation (Aggressive Mode) authenticated
>with signatures
>      As an Initiator, can the certificate payload be sent in first message
>or is it mandatory to be sent in third message only. In the subsection
>Certificate Payload of section ISAKMP Payloads contained in RFC 2408, the
>following statement is present. "The Certificate Payload MUST be accepted at
>any point during an exchange". I understand from this statement that the
>responder has to accept Certificate payload either in first message or third
>message, which in turn provides the base for the assunption that initiator
>can send the certificate payload in first msg or third msg.

I think NO, looking at the section 5.1.


-cheers
-ramana

References:

Position of certificate payload in IKE Aggressive Mode as Initiator

From: "jyothi" <vjyothi@intotoinc.com>

Prev by Date: Re: Simplifying IKE
Next by Date: Scope for the new keying protocol [Was: Simplifying IKE]
Prev by thread: Position of certificate payload in IKE Aggressive Mode as Initiator
Next by thread: RE: Position of certificate payload in IKE Aggressive Mode as Initiator
Index(es):
- Main
- Thread