Paul Hoffman writes:
At 9:58 AM +0300 10/30/09, Valery Smyslov wrote:
Hi all,
I'd like to reiterate my early message, which I haven't got answer to.
My concerns are:
1. How padding pre-sahred key with string Key Pad for IKEv2
could help to avoid storing pre-shared key in IKE
pasi.ero...@nokia.com writes:
I think you're correct that RFC 4307 has a bug: ENCR_NULL
should be MUST NOT, instead of MAY (note that ENCR_NULL
in 4305/4835 is MUST). Go ahead and submit an errata
about this!
Done.
--
kivi...@iki.fi
___
IPsec
Hi Paul and Tero,
thank you for your answers.
The PRF (or set of PRFs) is known by the receiving party. If the two
parties always only use one PRF, it is known. The padding is not a
universal solution for the reasons you give, but it works in the
common case of peers who know each
Valery Smyslov writes:
Hi Paul and Tero,
thank you for your answers.
The PRF (or set of PRFs) is known by the receiving party. If the two
parties always only use one PRF, it is known. The padding is not a
universal solution for the reasons you give, but it works in the
common