[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipsec
Subject:    ISAKMP - New Version (v8)
From:       wdm () epoch ! ncsc ! mil (W !  Douglas Maughan)
Date:       1997-07-26 23:16:05
[Download RAW message or body]

----------
X-Sun-Data-Type: text
X-Sun-Data-Description: text
X-Sun-Data-Name: text
X-Sun-Content-Lines: 33

All,

A new version of the ISAKMP Internet Draft has been sent to press. It
should be available in the near future. In the meantime, the attached
document explains the changes made from version 7. Most of these
changes were made based on comments from the IPSEC list and those
received via personal e-mail.

Special thanks to:

John Burke, Cylink
Dave Mason, Trusted Information Systems
Jim Ryder, IBM
Tom Markham, Secure Computing Corp.
Greg Carter, Entrust Technologies
Michael Richardson, Independent Security Consultant
Angelos Keromytis, Univ. of Pennsylvania
Roy Pereira, TimeStep
Baiju Patel, Intel
Norman Shulman, Secure Computing Corp.
Harald Koch, Secure Computing Corp.
Ben Rogers, Ascend
Matt Thomas, AltaVista
Edward Russell, FTP Software
Luis Sanchez, BBN
Richard Waterhouse, GTE
Dan Harkins, Cisco
Ruth Taylor, NSA

for their detailed review of version 7 of the protocol specification
and the comments they provided.

Doug Maughan
----------
X-Sun-Data-Type: default
X-Sun-Data-Description: default
X-Sun-Data-Name: ISAKMP_v7_changes.txt
X-Sun-Content-Lines: 60

ISAKMP - Changes made from 07 to 08
-----------------------------------

Section 2
---------
2.3	Changes to text about negotiation phases

2.4	Clarification of SPI size - variable instead of fixed

2.4	Clarification of SPI in relation to Proposal and Protocol

2.4	Clarification of processing multiple Proposals
	- "ownership and control" of SA establishment

2.5     Clarification of cookie for SA Notify and SA Delete - no longer
	required
	- Notify and Delete under protection of existing ISAKMP SA

2.5	Clarification of procedure for sending Notify and Delete payloads

Section 3
---------
3       Changed text so that ISAKMP messages MUST be aligned on 4-byte
	alignment instead of ISAKMP payloads on 4-byte boundaries

3	References to several figures corrected

3.1     Clarification of ISAKMP Header Commit Bit and relationship to
	the Notify payload

3.6	Clarification of ordering of fields in Transform payload

3.9	Added SPKI Certificate Type for Certificate payload

3.14	Clarification of procedure for sending Notify and Delete payloads

3.14.1	Notify Message Types
	- changed RESERVED and FUTURE USE numbers to be more "binary
	friendly"

Section 4
---------
4.1.1	Clarification of SA examples
	- inclusion of SPI size field in SA establishment examples

4.3	Clarification of exchanges and the provision of anti-clogging

Section 5
---------
5	Minor edits and clarifications to several payload processing sections

5.12/13	Added detailed descriptions for handling Notify and Delete payloads

Appendix A
----------
A.2.2	Supported Security Protocols
	- changed IANA, FUTURE, and PRIVATE USE numbers to be more
	"binary friendly"

[prev in list] [next in list] [prev in thread] [next in thread]