This was actually reported by both Yaron and Tero. I have no problem moving the QCD token to the first message (in case of EAP), but as Yaron requested, I will not publish the fixed version before the resolution of #191.
Two more issues soon.

Yoav

On Sep 21, 2010, at 3:06 PM, Yoav Nir wrote:

> Reported by Yaron Sheffer:
>
> I would have preferred the token to be resistant to stealing (and duplication), in which case it can be sent in the *first* AUTH message. If we ensure that the token maker's SPI is long/random (see below), this might be possible.
>
> The relevant part of the document is in the first paragraph of section 3, and the diagram in section 4.2:
>
> > Supporting implementations will send a notification, called a "QCD token", as described in Section 4.1 in the last IKE_AUTH exchange messages.
>
> First or last doesn't matter for certificate or PSK authentication (where there is only one IKE_AUTH request), but it does matter for EAP authentication, for multiple authentications, and possibly for the future weak PSK methods.
>
> I don't have an opinion either way, except for it being a minor optimization to not generate the token if EAP is going to fail. Please send your opinions to the list.

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec