[prev in list] [next in list] [prev in thread] [next in thread]
List: ipsec
Subject: [IPsec] RFC5996 section 2.13
From: Sean Lawless <sean () blunkmicro ! com>
Date: 2013-11-13 6:33:07
Message-ID: 52831D23.5090709 () blunkmicro ! com
[Download RAW message or body]
Hello,
I am implementing RFC 5996 and am confused with section 2.13. The text defines
prf+ (K,S), but does not define K or S. Specifically I am trying to generate
SKEYSEED using PRF_HMAC_SHA1. The HMAC function takes a variable length data
and a secret. For prf+ (K,S), are the nonce's (K) the data portion of the HMAC
algorithm or the secret?
2.13 mentions SK_d, SK_pi, etc. but these are not used until 2.14 where the same
description is duplicated from 2.13. I would be grateful if K and S can be well
defined in section 2.13 instead of SK_d, SK_pi, etc.
Best Regards,
Sean Lawless
Sr. SW Engineer
Blunk Microsystems LLC
sean@blunkmicro.com
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic