On Jan 22, 2010, at 11:57 PM, Yaron Sheffer wrote:

> The text in 3.3 requires "peace of mind" to fully appreciate. A diagram might 
> be helpful.
> 
> Here's a first shot (we'll need to add some descriptive text):
> 
>                        SA Payload
>                            |
>                      ---------------............-
>                      |             |            |
>               Proposal #1       Proposal #2   Proposal #n
>                     ESP           ESP
>                     SPIx          SPIy
>                      |             |
>           ---------------------    --------------------
>           |                   |             |         |
>      Transform A        Transform B   Transform C Transform D
>          ENCR               AUTH          ENCR       ESN
>          AES            HMAC-SHA-256    AES-CCM     ESN=1
>           |
>   -----------------
>   |       |       |
> Attr Ax Attr Ay Attr Az
>  128     192     256

I'm sorry I just noticed this, but is this even allowed?  Can you include 
multiple key length attributes in the same transform?

Section 3.3.6 says:

                 If there are multiple proposals, the responder MUST
   choose a single proposal.  If the selected proposal has multiple
   Transforms with the same type, the responder MUST choose a single
   one.

So far, it's OK. The responder chooses one proposal, and if that proposal 
contains multiple transforms of the same type (say AUTH=HMAC-SHA-1 and 
AUTH=HMAC-SHA-256) then the responder chooses just one of those.


         Any attributes of a selected transform MUST be returned
   unmodified.

To me, "unmodified" does not mean choose one of three. So IMO the above 
Proposal #1 should be as follows (ignoring the missing ESN):

                      Proposal #1
                          ESP
                          SPIx
                           |
      -------------------------------------------
      |             |             |             |
 Transform A   Transform B   Transform C   Transform D
     ENCR          ENCR          ENCR          AUTH
     AES           AES           AES       HMAC-SHA-256
      |             |             |
   Attr Ax       Attr Ay       Attr Az
     128           192           256

                The initiator of an exchange MUST check that the
   accepted offer is consistent with one of its proposals, and if not
   that response MUST be rejected.

BTW: how do you reject a response?

Yoav
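
Added example (not part of the original message, and not code from any IKEv2 implementation): a sketch of the initiator-side check quoted from section 3.3.6, run against both proposal layouts discussed in this thread. The `Transform`/`Proposal` tuples, the `KEYLEN` attribute name and the function name are assumptions made for illustration; they model the structures by name and are not the wire encoding.

```python
from collections import namedtuple

# Simplified model of the section 3.3 structures (names, not wire encodings).
Transform = namedtuple("Transform", "type id attrs")   # attrs: tuple of (name, value)
Proposal = namedtuple("Proposal", "num protocol transforms")

def accepted_offer_is_consistent(offered, accepted):
    """True if `accepted` is a valid selection from one of the `offered` proposals."""
    for prop in offered:
        if (prop.num, prop.protocol) != (accepted.num, accepted.protocol):
            continue
        # The responder must pick a single transform of each offered type.
        offered_types = sorted({t.type for t in prop.transforms})
        chosen_types = sorted(t.type for t in accepted.transforms)
        if chosen_types != offered_types:
            continue
        # Each chosen transform must appear in the offer with its
        # attributes returned unmodified (exact match on the attr tuple).
        if all(t in prop.transforms for t in accepted.transforms):
            return True
    return False

def keylen(*bits):
    """Build a tuple of hypothetical KEYLEN attributes."""
    return tuple(("KEYLEN", b) for b in bits)

AUTH = Transform("AUTH", "HMAC-SHA-256", ())

# Constructed sample: one ENCR transform per key length (second diagram).
OFFER_SEPARATE = [Proposal(1, "ESP", (
    Transform("ENCR", "AES", keylen(128)),
    Transform("ENCR", "AES", keylen(192)),
    Transform("ENCR", "AES", keylen(256)),
    AUTH))]

# Constructed sample: one ENCR transform carrying three key lengths
# (first diagram, ESN omitted as in the message above).
OFFER_COMBINED = [Proposal(1, "ESP", (
    Transform("ENCR", "AES", keylen(128, 192, 256)), AUTH))]

if __name__ == "__main__":
    pick = Proposal(1, "ESP", (Transform("ENCR", "AES", keylen(256)), AUTH))
    print(accepted_offer_is_consistent(OFFER_SEPARATE, pick))  # True
    print(accepted_offer_is_consistent(OFFER_COMBINED, pick))  # False
```

With an exact-match reading of "unmodified", a response that selects only the 256-bit key length passes against the one-transform-per-key-length layout and fails against the layout that packs three key lengths into one transform.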