[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
main mode with signature authentication
hi,
there are there roundtrips in the process of ISAKMP SA establishment using
main mode authenticated with signature,the message is encrypted and
authenticated
in the last roundtrip,there are two statements:
1.the encryption algorithm is negotiated in payload SA during the first
roundtrip,
and the key is derivated from SKEYID_e after the second roundtrip.
2.the authentication algorithm(Signature) is designated before current
ISAKMP SA
negotiation,ie. its designation is irrelevant with current ISAKMP SA
negotiation.
i cannot confirm the statements,any comment is appreciated.
thanks in advance
whh