reliable notify question



Pardon me if this has been asked before.

In section 6.4.2 of the new IKE draft on reliable notifies, it says we need
to use the initiator and responder nonces in constructing the messages.

        Initiator                        Responder
      -----------                      -----------
       HDR*, HASH(1), Ni, N/D  -->
                               <--      HDR*, HASH(2), Nr, N/D

First, are these values the nonces that were already exchanged, or are they
newly generated for each reliable notify?  I presume the former.

If I am right so far, which nonce do we use, the MM nonces, or the QM
nonces?  I assume that we always use the MM nonce, since notifies are only
really bound to the MM, and not to any particular QM.

Is this correct?  

bs