[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Length of checksum in IKEv2 encrypted payload?
Pasi.Eronen@nokia.com wrote:
> Hi,
>
> The length of this field depends on what integrity algorithm
> was negotiated. IKEv2 assumes that all integrity algorithms have
> a fixed checksum length; this length is given in the specification
> for that algorithm (e.g. 96 bits for AUTH_HMAC_SHA1_96).
> Therefore, it's not necessary to have a length field in
> each packet.
Yes, that's what I thought. It would be nice if the draft spelled this out.
-g
> Best regards,
> Pasi
>
>
>>-----Original Message-----
>>From: owner-ipsec@lists.tislabs.com
>>[mailto:owner-ipsec@lists.tislabs.com]On Behalf Of ext Geoffrey Huang
>>Sent: Tuesday, February 10, 2004 1:56 AM
>>To: ipsec@lists.tislabs.com
>>Subject: Length of checksum in IKEv2 encrypted payload?
>>
>>Hi there,
>>
>>First, apologies if this has already been discussed - I
>>haven't been following this list closely lately, and I
>>couldn't find anything in the archives.
>>
>>Section 3.14 of the IKEv2 draft describes the encrypted
>>payload, showing the last field of the payload to be the
>>integrity checksum. The text doesn't describe how long the
>>field is. From the diagram, it looks variable, but there is
>>no length field describing the value. Is this an oversight?
>>
>>-g
>
>