[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Length of checksum in IKEv2 encrypted payload?

To: Pasi.Eronen@xxxxxxxxx
Subject: Re: Length of checksum in IKEv2 encrypted payload?
From: Geoffrey Huang <ghuang@xxxxxxxxx>
Date: Wed, 11 Feb 2004 10:23:05 -0800
Cc: ipsec@xxxxxxxxxxxxxxxxx
In-reply-to: <>
References: <>
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007

Pasi.Eronen@xxxxxxxxx wrote:

Hi,

The length of this field depends on what integrity algorithm was negotiated. IKEv2 assumes that all integrity algorithms have a fixed checksum length; this length is given in the specification for that algorithm (e.g. 96 bits for AUTH_HMAC_SHA1_96). Therefore, it's not necessary to have a length field in each packet.

Yes, that's what I thought. It would be nice if the draft spelled this out.

-g

Best regards,
Pasi

-----Original Message-----
From: owner-ipsec@xxxxxxxxxxxxxxxxx
[mailto:owner-ipsec@xxxxxxxxxxxxxxxxx]On Behalf Of ext Geoffrey Huang
Sent: Tuesday, February 10, 2004 1:56 AM
To: ipsec@xxxxxxxxxxxxxxxxx
Subject: Length of checksum in IKEv2 encrypted payload?

Hi there,

First, apologies if this has already been discussed - I
haven't been following this list closely lately, and I
couldn't find anything in the archives.

Section 3.14 of the IKEv2 draft describes the encrypted
payload, showing the last field of the payload to be the
integrity checksum.  The text doesn't describe how long the
field is.  From the diagram, it looks variable, but there is
no length field describing the value.  Is this an oversight?

-g

References:
- RE: Length of checksum in IKEv2 encrypted payload?
  - From: Pasi . Eronen

Prev by Date: RE: Length of checksum in IKEv2 encrypted payload?
Next by Date: NAT traversal and refreshes
Previous by thread: RE: Length of checksum in IKEv2 encrypted payload?
Next by thread: NAT traversal and refreshes
Index(es):
- Date
- Thread