
protocol encoding in proposal differs from IKEv1




I just noticed that the protocol encoding in IKEv2 is different from IKEv1.
Is this correct??

From IKEv2:

      o  Protocol-Id (1 octet) - Specifies the protocol identifier
         for the current negotiation. Zero (0) indicates IKE,
         one (1) indicated ESP, and two (2) indicates AH.

The IKEv2 DOI encodes ISAKMP as 1, AH as 2, and ESP as 3.

From an implementer's standpoint, I would like to point out (i.e., complain)
that differences such as this make it very inconvenient to have IKEv1 and IKEv2
coexist in the same piece of code.  My biggest complaint is that the
payload structures have changed from IKEv1 to IKEv2, but the payload type
numbers have not.  I think it would have been better to give a new number to
any structure that changed.  In the above case, the proposal structure is
identical, but the encoding of one of the fields has changed.

-- 
Steve Koehler
koehler@securecomputing.com
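
Added example (not part of the original message or of any IKE implementation): one way a code base that speaks both versions can keep the two Protocol-Id encodings listed above apart is to decode the octet against the negotiated major version at parse time and reject anything outside that version's table. The enum, struct and function names are hypothetical; the 8-octet header layout is the RFC 2408 proposal payload, which the message says the IKEv2 draft shares.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Internal, version-independent identifiers (hypothetical names). */
enum sa_proto { SA_PROTO_INVALID = -1, SA_PROTO_IKE, SA_PROTO_AH, SA_PROTO_ESP };

struct proposal {
    enum sa_proto proto;
    uint16_t length;
    uint8_t number, spi_size, n_transforms;
};

/* Wire Protocol-Id -> internal value, keyed on the IKE major version.
 * v1 side (DOI values from the message): ISAKMP=1, AH=2, ESP=3.
 * v2 side (draft text quoted in the message): IKE=0, ESP=1, AH=2. */
enum sa_proto proto_from_wire(int ike_major, uint8_t wire_id)
{
    static const enum sa_proto v1[] = { SA_PROTO_INVALID, SA_PROTO_IKE, SA_PROTO_AH, SA_PROTO_ESP };
    static const enum sa_proto v2[] = { SA_PROTO_IKE, SA_PROTO_ESP, SA_PROTO_AH };
    if (ike_major == 1 && wire_id < sizeof v1 / sizeof v1[0]) return v1[wire_id];
    if (ike_major == 2 && wire_id < sizeof v2 / sizeof v2[0]) return v2[wire_id];
    return SA_PROTO_INVALID;
}

/* Parse the fixed proposal header: next payload, reserved, length (2 octets),
 * proposal #, Protocol-Id, SPI size, # of transforms. Returns 0 or -1. */
int parse_proposal(int ike_major, const uint8_t *buf, size_t len, struct proposal *out)
{
    if (buf == NULL || out == NULL || len < 8) return -1;
    out->length = (uint16_t)((buf[2] << 8) | buf[3]);
    if (out->length < 8 || out->length > len) return -1;   /* length must fit the buffer */
    out->number = buf[4];
    out->proto = proto_from_wire(ike_major, buf[5]);
    out->spi_size = buf[6];
    out->n_transforms = buf[7];
    if (out->proto == SA_PROTO_INVALID) return -1;          /* unknown for this version */
    if ((size_t)8 + out->spi_size > out->length) return -1; /* SPI must fit the payload */
    return 0;
}

int main(void)
{
    /* Constructed sample: proposal #1, Protocol-Id octet 1, no SPI, no transforms. */
    static const uint8_t sample[8] = { 0, 0, 0, 8, 1, 1, 0, 0 };
    struct proposal p1, p2;
    int r1 = parse_proposal(1, sample, sizeof sample, &p1);
    int r2 = parse_proposal(2, sample, sizeof sample, &p2);
    printf("v1: rc=%d proto=%d  v2: rc=%d proto=%d\n", r1, p1.proto, r2, p2.proto);
    return 0;
}
```

The same octet value 1 decodes to IKE under version 1 and to ESP under version 2, so the version has to be passed into the parser rather than inferred from the payload type number.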