From 6585e5ad764ee2414d9b01f30784b6549bc8f58e Mon Sep 17 00:00:00 2001 From: Othmar Gsenger Date: Mon, 30 Jul 2007 19:37:53 +0000 Subject: added keyexchange --- keyexchange/isakmpd-20041012/QUESTIONS | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 keyexchange/isakmpd-20041012/QUESTIONS (limited to 'keyexchange/isakmpd-20041012/QUESTIONS') diff --git a/keyexchange/isakmpd-20041012/QUESTIONS b/keyexchange/isakmpd-20041012/QUESTIONS new file mode 100644 index 0000000..91225cc --- /dev/null +++ b/keyexchange/isakmpd-20041012/QUESTIONS @@ -0,0 +1,34 @@ +$OpenBSD: QUESTIONS,v 1.5 2003/11/05 12:31:21 jmc Exp $ +$EOM: QUESTIONS,v 1.12 1998/10/11 17:11:06 niklas Exp $ + +Does the spec limit the count of SA payloads in a message? Where if so? +[ Only the specific IKE main mode does. In the IKE spec.] + +The message ID field of the header, can it be considered a SA identifier +if used together with the cookiepair? [Yes, it is meant to be that] + +DOI 0, what protocols are defined for it? Where? + +Isn't this a potential DOS attack: +Hostile user listens for ISAKMP traffic, and then extracts cookiepairs +and message IDs which he uses to flood any of the peers with spoofed +packets pretending to be the other one. Most probably these packets will +result in error notifications which potentially result in SA tear-down? +Maybe should notifications never be issued for erroneous packets which +cannot be authenticated? Or should we not tear down SAs as results of +notifications? + +Certicom claims to hold licenses for Elliptic Curve Cryptography? Does this +concern us? See: http://grouper.ieee.org/groups/1363/P1363/patents.html + +Main mode when using public key encryption authentication does not look +like an identity protection exchange to me. Must I really get rid of +the generic ISAKMP payload presense tests? + +IV generation is not described precisely in Appendix B of -oakley-08.txt: +'Subsequent messages MUST use the last CBC encryption block from the previous +message as their IV'. This probably means that we take the new IV from the +last encrypted block of the last message we sent. The SSH testing site uses +the last block from the last message they received. This is probably not +what was meant and should be clarified on ipsec@tis.com. +[ From what we have gathered this is what is meant. ] -- cgit v1.2.3