[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Length of checksum in IKEv2 encrypted payload?

To: <ghuang@cisco.com>, <ipsec@lists.tislabs.com>
Subject: RE: Length of checksum in IKEv2 encrypted payload?
From: Pasi.Eronen@nokia.com
Date: Wed, 11 Feb 2004 11:04:13 +0200
Sender: owner-ipsec@lists.tislabs.com
Thread-index: AcPvcS9JaaCTjXlhSOeUqJ6EfyoeqABC1vjg
Thread-topic: Length of checksum in IKEv2 encrypted payload?


Hi,

The length of this field depends on what integrity algorithm 
was negotiated. IKEv2 assumes that all integrity algorithms have 
a fixed checksum length; this length is given in the specification
for that algorithm (e.g. 96 bits for AUTH_HMAC_SHA1_96).
Therefore, it's not necessary to have a length field in 
each packet.

Best regards,
Pasi

> -----Original Message-----
> From: owner-ipsec@lists.tislabs.com
> [mailto:owner-ipsec@lists.tislabs.com]On Behalf Of ext Geoffrey Huang
> Sent: Tuesday, February 10, 2004 1:56 AM
> To: ipsec@lists.tislabs.com
> Subject: Length of checksum in IKEv2 encrypted payload?
> 
> Hi there,
> 
> First, apologies if this has already been discussed - I
> haven't been following this list closely lately, and I
> couldn't find anything in the archives.
> 
> Section 3.14 of the IKEv2 draft describes the encrypted
> payload, showing the last field of the payload to be the
> integrity checksum.  The text doesn't describe how long the
> field is.  From the diagram, it looks variable, but there is
> no length field describing the value.  Is this an oversight?
> 
> -g

Follow-Ups:
- Re: Length of checksum in IKEv2 encrypted payload?
  - From: Geoffrey Huang <ghuang@cisco.com>

Prev by Date: Re: Certicom IP Statement Regarding IKE
Next by Date: Re: Length of checksum in IKEv2 encrypted payload?
Previous by thread: Non-ipsec IANA allocations for IKEv2 needed
Next by thread: Re: Length of checksum in IKEv2 encrypted payload?
Index(es):
- Date
- Thread