[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Child_SA key material
Make that:
| 1. AH_ir, AH_ri, ESP_ir(encr, auth), ESP_ri(encr, auth)
|
| or
|
| 2. AH_ir, ESP_ir(encr, auth), AH_ri, ESP_ri(encr, auth)
where _ir = initiator to responder SA
_ri = responder to initiator SA
----- Original Message -----
From: "David Faucher" <dfaucher@lucent.com>
To: <ipsec@lists.tislabs.com>
Sent: Monday, November 25, 2002 2:26 PM
Subject: Child_SA key material
| Section 4.16 of draft-ietf-ipsec-ikev2-03.txt
| describes how key material is taken from KEYMAT
| for CHILD-SAs.
|
| If AH and ESP were negotiated would the key material
| be taken as
|
| 1. AH_in, AH_out, ESP_in(encr, auth), ESP_out(encr, auth)
|
| or
|
| 2. AH_in, ESP_in(encr, auth), AH_out, ESP_out(encr, auth)
|
| David