I-D ACTION:draft-ietf-ipsec-ike-hash-revised-01.txt
Tero Kivinen <kivinen@ssh.fi> Thu, 09 March 2000 22:48 UTC
Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id OAA10062; Thu, 9 Mar 2000 14:48:46 -0800 (PST)
Received: by lists.tislabs.com (8.9.1/8.9.1) id PAA02044 Thu, 9 Mar 2000 15:55:17 -0500 (EST)
Date: Thu, 09 Mar 2000 23:01:11 +0200
Message-Id: <200003092101.XAA26384@torni.ssh.fi>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
From: Tero Kivinen <kivinen@ssh.fi>
To: ipsec@lists.tislabs.com
Subject: I-D ACTION:draft-ietf-ipsec-ike-hash-revised-01.txt
In-Reply-To: <200003091128.GAA24444@ietf.org>
References: <200003091128.GAA24444@ietf.org>
X-Mailer: VM 6.34 under Emacs 19.34.2
Organization: SSH Communications Security Oy
X-Edit-Time: 4 min
X-Total-Time: 3 min
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk
Internet-Drafts@ietf.org writes: > A New Internet-Draft is available from the on-line Internet-Drafts directories. > This draft is a work item of the IP Security Protocol Working Group of the IETF. > > Title : Fixing IKE Phase 1 & 2 Authentication HASH > Author(s) : T. Kivinen > Filename : draft-ietf-ipsec-ike-hash-revised-01.txt > Pages : 8 > Date : 08-Mar-00 > Here is a short summary of the changes in the document: * Added section to describe how phase 2 authentication hashes should be changed to fix the unauthenticated isakmp header problem in the phase 2 exchnages. * Changed the authentication hash to be hash of hashes instead of hash of the full packets. This way the memory consumption used to before calculating the hash is smaller, and the same per packet hash can also used to detect retransmission packets. * Added more text saying that the template hash/sig payload must contain generic payload header, but only the contents of the hash/sig field itself is all zeros. -- kivinen@iki.fi Work : +358-9-4354 3218 SSH Communications Security http://www.ssh.fi/ SSH IPSEC Toolkit http://www.ssh.fi/ipsec/
- I-D ACTION:draft-ietf-ipsec-ike-hash-revised-01.t… Internet-Drafts
- I-D ACTION:draft-ietf-ipsec-ike-hash-revised-01.t… Tero Kivinen
- IKE interoperability Jianying Zhou