Yoav Nir writes:
> Issue #139 - Keying material taken in the order for RoHC
>
> One of the differences between RFC 4306 and the IKEv2bis draft is in
Section 2.17, Generating Key Material for Child SAs. Appendix E.2 of the
IKEv2bis draft indi
Hi Paul,
Paul Hoffman writes:
> > > Ditto for Proposal #2: is there a good reason for you to not have
> >> included an INTEG transform?
> >I was trying to illustrate a combined mode algorithm. May have got it
wrong...
>
> That would be INTEG = NULL.
Omitting it completely is also allowed (section
Hi all
We would like to begin closing IKEv2bis issue at a faster rate than we are
opening new ones. Paul has sent the list a several issues. Some we have
discussed, others - not so much. Here's a summary of three issues, which I
think are ready for closure.
Issue #138 - Calculations involvin
Thanks again for the careful review. All changes made other than those listed
below.
--Paul HOffman
At 11:06 PM +0200 1/24/10, Yaron Sheffer wrote:
>2.21.: EAP Failure cases are missing altogether. Also, the first paragraph
>says that if an auth failure occurs at the responder, AUTHENTICATION_F
1.7: This also lead to -> This also led to
2.21.: EAP Failure cases are missing altogether. Also, the first paragraph says
that if an auth failure occurs at the responder, AUTHENTICATION_FAILED is
included in the protected response (to IKE_AUTH), while the last paragraph says
it's a separate In