[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Ipsec] IKEv2: potential 4-byte alignment problem



Hi IKEv2 folks,

In IKEv2 draft,  there seems to be no strict rule to ensure all the 
payload or content to be 4-byte aligned. For example, the 
INVALID_KE_PAYLOAD notification allows only two octets of the data to be 
sent.

If 4-byte alignment is not enforced throughout the IKE payload by IKEv2 
standard, then there won't be much value to have all the 
header/substruct 4-byte aligned. Because, the header could be shifted 
arbitrarily due to the un-aligned data.

I am wondering whether IKEv2 should have this rule (and allow padding) 
in the standard?

Thanks!

Kevin Li
Cisco Systems

_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec