
RE: [Ipsec] comment on "empty message" in IKEv2 draft



Cookie is better (closer to the IKE convention).

The convention is that a cookie is something that needs to be returned by the peer,
yet an exchange of nonce payloads can prove the freshness of both sides.
Besides, a nonce is never returned by the peer (in IKE).

Yonghui



-----Original Message-----
From: Francis.Dupont@enst-bretagne.fr
[mailto:Francis.Dupont@enst-bretagne.fr] 
Sent: Friday, August 13, 2004 4:33 AM
To: Tero Kivinen
Cc: Yonghui Cheng; ipsec@ietf.org
Subject: Re: [Ipsec] comment on "empty message" in IKEv2 draft 

 In your previous mail you wrote:

   There would be an easy fix for that: simply the server includes the N(COOKIE)
   notify payload inside the encrypted payload in the DPD, and then we simply
   add text to the draft-ietf-ipsec-ike2 draft saying inside the "COOKIE
   16390" section:
   
   	If this notification message is received in any request, it
   	MUST be included in the reply packet, with the exactly same
   	data.
   
=> A nonce payload should have the same result, quoting the IKEv2 draft:

   The Nonce Payload ... contains random data used to guarantee liveness
   during an exchange and protect against replay attacks.

   I don't know what is better, COOKIE notifications or nonces. The only
   visible difference is the length (1-64 for cookies, 16-256 for nonces)
   but this is not enough to choose. Same about the stateless property
   of cookies, here we have an IKE SA so already some state...
   What do readers of this mailing-list prefer? In any case we'll get
   this mechanism in MOBIKE.

Regards

Francis.Dupont@enst-bretagne.fr
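The mechanism both messages argue about (random data carried in the DPD request, which the reply MUST echo with exactly the same data, whether as an N(COOKIE) notify or as a Nonce payload) is easier to reason about in a small model. The following is an added example written for this page, not code from the thread, the IKEv2 draft or any IKE implementation. It is not IKEv2 wire format: the dict-based "messages", the payload names `cookie`/`nonce`, and the class and function names are assumptions for illustration; only the length bounds (1-64 for cookie data, 16-256 for nonces) come from the quoted text.

```python
"""
Toy model of the DPD liveness check discussed above: the request carries
random data (an N(COOKIE) notify or a Nonce payload) and the reply must
echo exactly the same bytes, otherwise the requester does not treat the
peer as proven alive.  Constructed example, not IKEv2 wire format; payload
names and the dict-based messages are assumptions for illustration.
"""
import secrets

# Payload data length bounds as quoted in the thread (draft-ietf-ipsec-ikev2).
LENGTH_BOUNDS = {
    "cookie": (1, 64),
    "nonce": (16, 256),
}


def make_challenge(kind: str, length: int) -> bytes:
    """Return `length` cryptographically random bytes for the given payload kind."""
    lo, hi = LENGTH_BOUNDS[kind]
    if not lo <= length <= hi:
        raise ValueError(f"{kind} data must be {lo}..{hi} bytes, got {length}")
    return secrets.token_bytes(length)


class LivenessRequester:
    """The side that sends the DPD request and verifies the echoed challenge."""

    def __init__(self, kind: str = "cookie", length: int = 16):
        self.kind = kind
        self.length = length
        self.outstanding: dict[int, bytes] = {}  # message_id -> challenge sent

    def build_request(self, message_id: int) -> dict:
        if message_id in self.outstanding:
            raise ValueError("message id already in use")
        challenge = make_challenge(self.kind, self.length)
        self.outstanding[message_id] = challenge
        return {"msg_id": message_id, "payloads": {self.kind: challenge}}

    def check_reply(self, reply: dict) -> bool:
        """True only for a reply to an outstanding request that echoes the exact data."""
        expected = self.outstanding.get(reply["msg_id"])
        if expected is None:
            return False  # unsolicited, stale or already-answered message id
        got = reply["payloads"].get(self.kind)
        if got is None or not secrets.compare_digest(got, expected):
            return False  # missing or altered data: peer did not prove freshness
        del self.outstanding[reply["msg_id"]]  # consume: a replay of this reply fails
        return True


def conforming_reply(request: dict) -> dict:
    """Responder that follows the proposed rule: echo the data unchanged."""
    return {"msg_id": request["msg_id"], "payloads": dict(request["payloads"])}


def empty_reply(request: dict) -> dict:
    """Responder that sends the old 'empty' Informational reply with no echo."""
    return {"msg_id": request["msg_id"], "payloads": {}}


def run_exchange(kind: str = "cookie", length: int = 16) -> dict:
    """Drive one requester through the cases the thread cares about."""
    req = LivenessRequester(kind, length)
    first = req.build_request(1)
    good = conforming_reply(first)
    second = req.build_request(2)
    return {
        "echo_accepted": req.check_reply(good),
        "replay_rejected": not req.check_reply(good),          # same reply again
        "empty_rejected": not req.check_reply(empty_reply(second)),
        "tampered_rejected": not req.check_reply(
            {"msg_id": 2, "payloads": {kind: bytes(length)}}),  # wrong data
        "late_echo_accepted": req.check_reply(conforming_reply(second)),
    }


if __name__ == "__main__":
    for kind, length in (("cookie", 16), ("nonce", 32)):
        print(kind, run_exchange(kind, length))
```

Running it with `kind="cookie"` or `kind="nonce"` gives identical results: once the reply is required to echo the request's random data, the only observable difference between the two payload choices is the permitted length, which is the point Francis makes above. The requester keeps one challenge per outstanding message id, so an "empty" reply, an altered echo, or a replayed old reply all fail the check.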



_______________________________________________
Ipsec mailing list
Ipsec@ietf.org
https://www1.ietf.org/mailman/listinfo/ipsec