[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: compare-jfk-sigma.txt



> BTW, there is another reason not to go for a "sign message 1
> and message
> 2" as in IKEv2: if you do that then the security of the
> protocol depends
> on what exactly you sent in these messages.

When it says "sign messages 1&2" in IKEv2, I would hazzard a guess that this
only applies when you are not using stateless DoS protection. When you are
using stateless DoS protection then you sign messages 3&4 instead.

-------------------------------------------
There are no rules, only regulations. Luckily,
history has shown that with time, hard work,
and lots of love, anyone can be a technocrat.



Follow-Ups: References: