JFK Algorithm Choice
I just finished reading the new JFK draft at VPNC and I'm still
unclear on how algorithm choice is supposed to work.

As I understand it, there are actually two different sets of
algorithms: those used for protecting MSG 3 and MSG 4 (JFK
algorithms) and those used in the SA being established (SA algorithms).

(1) JFK Algorithm Choice

I think I understand this one, but I'd like to be sure. The
responder provides his choice of algorithms in GRPINFOr in
MSG 2. This includes the digest algorithm, the symmetric
encryption algorithm and one or more DH groups. The initiator
can take them or leave them.

(2) SA Algorithm Choice

My general understanding of how this works (based on S 2.2) is as
follows:

    (1) The initiator offers some set of algorithms in the SA
        payload of MSG 3.
    (2) The responder chooses one and sends it in the SA' payload
        in MSG 4.

Is this more or less correct?

Questions:

(1) What exactly are the contents of the SA payload? Section
2.1 says:

    sa: Defines the cryptographic and other properties of the Security
    Association (SA) the Initiator wants to establish. It contains
    a Domain-of-Interpretation, which JFK understands, and an
    application-specific bitstring.

Is the idea here that this is the Security Association payload
described in S 4.6.1 of RFC 2407 (possibly profiled down)? If so,
this appears to be inconsistent with the claim in S 5 that:

    the acceptable combinations are denoted by 16-bit, unstructured
    integers.

Since this isn't how things are done in 2407, as I understand it.

(2) You list algorithms that "must be supported". Does this mean
that they must be enabled or merely implemented?

(3) How does the responder indicate that the initiator hasn't
offered any algorithms that it supports? Is there some way to
give a hint?

-Ekr