[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Building a SA Payload



Can we build a SA Proposal which looks like this

SA Payload with DOI=IPSEC and Situation = SIT_IDENTITY_ONLY
Proposal Payload #1 for PROTOCOL_ISAKMP specifying 4 Transforms
Transform Payload #1 with Encryption Algorithm = IDEA
Transform Payload #2 with Encryption Algorithm = 3DES_CBC
Transform Payload #3 with Encryption Algorithm = DES_CBC
Transform Payload #4 with Hashing Algorithm = MD5

Consider the following situation

where I am trying to develop a ISAKMP SA with
  ENC = DES_CBC(or)3DES_CBC(or)IDEA
  HASH = MD5

Do I have to send three SA Proposal's or will one SA Proposal suffice.

Which one of the below listed method's are correct
METHOD 1 or 2 or 3

METHOD #1
---------
Propose( DES, 3DES, IDEA, MD5, SHA );
 <==>
Accept( 3DES, MD5 );

OR

METHOD #2
---------
Propose( IDEA, MD5 );
 <==>
Reject( IDEA, MD5 );

Propose( 3DES, MD5 );
 <==>
Accept( 3DES, MD5 );

OR

METHOD #3
---------
Propose( IDEA, MD5 ); Propose( 3DES, MD5 );
 <==>
Accept( 3DES, MD5 );

Thanks in advance
 - Venkat

This is a digitally signed message part


--------------------------------------------------------------
Dexcel Electronics Designs (P) Ltd., Bangalore, India