[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipsec
Subject:    main mode with signature authentication
From:       0xLJCDF5BBAABBF0z/0xLJC4CFBEA9B7D6B2BFz/CDMA0xLJCAC2D2B5B2BFz/zte_ltd <0xLJCDF5B
Date:       2001-09-21 0:47:01
[Download RAW message or body]

hi,
there are there roundtrips in the process of ISAKMP SA establishment using
main mode authenticated with signature,the message is encrypted and
authenticated
  in the last roundtrip,there are two statements:

1.the encryption algorithm is negotiated in payload SA during the first
roundtrip,
   and the key is derivated from SKEYID_e after the second roundtrip.

2.the authentication algorithm(Signature) is designated before current
ISAKMP SA
   negotiation,ie. its designation is irrelevant with current ISAKMP SA
negotiation.

i cannot confirm the statements,any comment is appreciated.

thanks in advance
whh

[prev in list] [next in list] [prev in thread] [next in thread]