[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Questions about JFK
The answer to this question may be incredibly obvious to the members of
the mailing list, but it has been bothering me for some time. I've read
through the JFK draft (draft-ietf-ipsec-jfk-02.txt) several times and
scoured all the IPsec RFC's I thought may contain some material
"assumed" in the JFK draft, and I am still unable to answer it. How
does one communicate the IV that one has used in encrypting the various
encrypted parts of the exchange? And how does JFK generate sufficient
keying material for the encryption key Ke in the case of 3DES (since
SHA-1 only produces 20 bytes of data, for example)? IKEv1 and IKEv2
have explicit provision for generating sufficient keying material, but I
was unable to find it in the JFK draft. Any help in this regard would
be appreciated.
Jared