S/WAN ISAKMP/Oakley testing...
Roy Pereira <rpereira@timestep.com> Thu, 07 November 1996 22:18 UTC
Received: from cnri by ietf.org id aa02218; 7 Nov 96 17:18 EST
Received: from portal.ex.tis.com by CNRI.Reston.VA.US id aa23833; 7 Nov 96 17:18 EST
Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id RAA10670 for ipsec-outgoing; Thu, 7 Nov 1996 17:11:45 -0500 (EST)
Message-ID: <c=US%a=_%p=TimeStep_Corpora%l=TSNTSRV2-961107221439Z-2162@tsntsrv2.timestep.com>
X-MS-TNEF-Correlator: <c=US%a=_%p=TimeStep_Corpora%l=TSNTSRV2-961107221439Z-2162@tsntsrv2.timestep.com>
From: Roy Pereira <rpereira@timestep.com>
To: 'isakmp-oakley' <isakmp-oakley@cisco.com>, 'IPSEC' <ipsec@tis.com>
Subject: S/WAN ISAKMP/Oakley testing...
Date: Thu, 07 Nov 1996 17:14:39 -0500
X-Mailer: Microsoft Exchange Server Internet Mail Connector Version 4.0.993.5
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="---- =_NextPart_000_01BBCCCF.2A4FCCB0"
Sender: owner-ipsec@ex.tis.com
Precedence: list
I'd like to talk about some of the 'magic' identifiers in ISAKMP. I'm talking about the values that aren't defined in v5 of the draft. - What transform ids are used for the ISAKMP proposal? - What ids are used for the ISAKMP proposal attributes "Group Identifier", Encryption Alg", "Hash Alg", and "Auth Alg" ? - What is the format of a SA proposal TLV ? Is the type and length 16 bits each ? Or are they 8 bits each ? - What is the ESP Proposal attribute "Cryptographic Synch" used for and when? - How do we transform a 8-byte ISAKMP SPI to a 4-byte ESP/AH SPI ? - The v5 ISAKMP draft states that the "Payload Length" in the SA payload is "in 4-octet units", but this is incorrect and should by in 1-octet units. - For the Certificate Payload, there aren't any identifiers for the Certificate Type and there is only one identifier for the Certificate Authority. - What ISAKMP exchange identifiers are used for the Oakley exchange modes? - What is the Notify message error "CONNECTED" used for? - What is the Notification Data? It's contents are not defined in the Internet DOI. Thanks.
- S/WAN ISAKMP/Oakley testing... Roy Pereira
- Re: S/WAN ISAKMP/Oakley testing... W. Douglas Maughan