Hi Sheng,

2008/7/2 Sheng Jiang <[EMAIL PROTECTED]>:
> Hi, Jean,
>
> Firstly, the Key Hash field is not added by this draft. It is defined in SEND
> specification - RFC 3971.

Sure :)
But, in fact, my question was regarding RFC 3971 and not your draft.
Sorry for the confusion.

> Secondly, the answer for you: it is "Its purpose is to
> associate the signature to a particular key known by the receiver."

Agree but:

o For NS/NA/RS
When there is a CGA option, the key hash field MUST contain the hash
of the CGA public key but the CGA public key is already in the CGA
Parameters field in the CGA option.

o For RA
In the case where there is no CGA option, the key hash should be the
hash of public key from the Router Authorization Certificate but this
key is already in this cert.

So, in the two cases, you have already the key, so why do you need to
have a hash of the key too?

Best regards.

JMC.

>
> Best regards,
>
> Sheng JIANG, Ph.D.
>
> IP Research Department, Networking Research Department, Network Product Line,
> Huawei Technologies Co. Ltd.
>
>
> *-----Original Message-----
> *From: [EMAIL PROTECTED]
> *[mailto:[EMAIL PROTECTED] On Behalf Of Jean-Michel Combes
> *Sent: Wednesday, July 02, 2008 8:38 PM
> *To: [email protected]
> *Subject: [CGA-EXT] Key Hash field in the RSA Sig Option
> *
> *Hi,
> *
> *In reviewing draft-kukec-csi-hash-threat-02, I was wondering
> *what was the reason to add a Key Hash field in the RSA
> *Signature Option. How is it useful to have it from a security
> *point of view?
> *
> *Thanks in advance for your help.
> *
> *Best regards.
> *
> *JMC.
> *_______________________________________________
> *CGA-EXT mailing list
> [EMAIL PROTECTED]
> *https://www.ietf.org/mailman/listinfo/cga-ext
> *
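The receiver-side Key Hash check discussed in this thread, as an added example that is not part of the original messages or of any SEND implementation. It assumes the RFC 3971 option layout (Type 12, Length in 8-octet units, 16-bit Reserved, 128-bit Key Hash, signature, padding) and a Key Hash equal to the leftmost 128 bits of SHA-1 over the encoded public key; the function names and key bytes are constructed for illustration.

```python
import hashlib
import hmac
import struct

RSA_SIG_OPT_TYPE = 12  # RSA Signature option type (RFC 3971)

def key_hash(public_key: bytes) -> bytes:
    """Leftmost 128 bits of SHA-1 over the encoded public key."""
    return hashlib.sha1(public_key).digest()[:16]

def build_rsa_sig_option(public_key: bytes, signature: bytes) -> bytes:
    """Sender side: Type, Length, Reserved, Key Hash, signature, zero padding."""
    body = b"\x00\x00" + key_hash(public_key) + signature
    pad = -(2 + len(body)) % 8            # option must be a multiple of 8 octets
    length_units = (2 + len(body) + pad) // 8
    return struct.pack("!BB", RSA_SIG_OPT_TYPE, length_units) + body + b"\x00" * pad

def parse_rsa_sig_option(opt: bytes):
    """Return (key_hash, signature_plus_padding); reject malformed options."""
    if len(opt) < 24 or opt[0] != RSA_SIG_OPT_TYPE:
        raise ValueError("not an RSA Signature option")
    if opt[1] * 8 != len(opt):
        raise ValueError("Length field does not match option size")
    return opt[4:20], opt[20:]

def select_key(opt: bytes, cga_key=None, cert_keys=()):
    """Return the public key the Key Hash refers to, or None if it is unknown.

    NS/NA/RS case: a CGA option is present, so the hash must match its key.
    RA case without a CGA option: look the hash up among certificate keys.
    """
    wanted, _sig = parse_rsa_sig_option(opt)
    if cga_key is not None:
        return cga_key if hmac.compare_digest(key_hash(cga_key), wanted) else None
    for candidate in cert_keys:
        if hmac.compare_digest(key_hash(candidate), wanted):
            return candidate
    return None

if __name__ == "__main__":
    # Constructed placeholder bytes standing in for encoded public keys.
    host_key, router_a, router_b = b"constructed-host", b"constructed-rtr-a", b"constructed-rtr-b"
    opt = build_rsa_sig_option(router_b, b"\xaa" * 128)   # constructed signature bytes
    print(select_key(opt, cert_keys=[router_a, router_b]) == router_b)
    print(select_key(opt, cga_key=host_key))  # hash does not match the CGA key
```

A key selected this way is only a candidate: the signature itself still has to verify under it.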
