Yaron Sheffer writes:
> The definition of the payload (sec. 3.8) should mention explicitly
> that the payload hash algorithm is unrelated to the one used in the
> certificate, or the algorithm used to sign the IKE Encrypted
> Payload.
What is the exact wording you are plannig to add there. As in some
cases the hash functions are related to the keys used (for example
hash must be SHA if DSS digital Signatures are used) the exact wording
is important. Also it is very good idea to see that if other end used
certificates using SHA-2 as their hash algorithm for certificates,
then he most likely do support SHA-2 as auth method hash algorithm
too, so using it to hash the RSA keys might be good idea.
This means that hash algorithm used here and the hash algorithm used
in the certificate are related, altought that does not mean they need
to be same.
> Moreover, the words "by default" are confusing and should be
> deleted.
I cannot find words "by default" from rfc4306 nor from
draft-ietf-ipsecme-ikev2bis-05.txt. Are you refering this text:
...
To
promote interoperability, implementations that support this
type SHOULD support signatures that use SHA-1 as the hash
function and SHOULD use SHA-1 as the default hash function when
generating signatures.
--
kivi...@iki.fi
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
