[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comment on draft-ike-implementation regarding nonce size

To: Henry Spencer <henry@spsystems.net>
Subject: Re: Comment on draft-ike-implementation regarding nonce size
From: Dan Harkins <dharkins@tibernian.com>
Date: Sat, 16 Mar 2002 13:02:23 -0800
Cc: Andrew Krywaniuk <andrew.krywaniuk@alcatel.com>, ipsec@lists.tislabs.com
In-Reply-To: Your message of "Sat, 16 Mar 2002 11:44:46 EST." <Pine.BSI.3.91.1020316113634.17049A-100000@spsystems.net>
Sender: owner-ipsec@lists.tislabs.com

On Sat, 16 Mar 2002 11:44:46 EST you wrote
> On Sat, 16 Mar 2002, Andrew Krywaniuk wrote:
> > I don't understand your assertion that the two sides need to agree on the
> > nonce size. There is nothing in the protocol which says that the size of th
>e
> > Ni and Nr must match.
> 
> Poor phrasing, of a last-minute addition to the draft:  the issue is not
> that the two nonces have to be the same size, but that each side has to be
> willing to accept the other's nonce size, and there is no specification
> for allowable range.  I'll change this for the next rev.

The specification for allowable range is in section 5 of RFC2409.

  Dan.

Follow-Ups:
- Re: Comment on draft-ike-implementation regarding nonce size
  - From: Henry Spencer <henry@spsystems.net>

References:
- Re: Comment on draft-ike-implementation regarding nonce size
  - From: Henry Spencer <henry@spsystems.net>

Prev by Date: Re: Choosing between IKEv2 and JFK
Next by Date: Re: Comment on draft-ike-implementation regarding nonce size
Prev by thread: Re: Comment on draft-ike-implementation regarding nonce size
Next by thread: Re: Comment on draft-ike-implementation regarding nonce size
Index(es):
- Date
- Thread