The Check Point Firewall-1 Docs insist, that the public keys be used
for p and g for the Oakley key exchange. I ask you: is this

  - which of the two pubkeys will be p, which g?
  - are they both always primes?
  - are they both always suitable generators mod p?

It just seems to me that Check Point isn't entirely sure themselves
here. I'd appreciate a short cleanup...

To my knowledge, g and p are globally defined, either in DH Groups
(which are nothing but pre-defined g's and p's, right?), or
otherwise set constant. Am I wrong about this?


martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED]
invalid PGP subkeys? use as keyserver!
"one should never do anything that
 one cannot talk about after dinner."
                                                        -- oscar wilde

Attachment: pgp00000.pgp
Description: PGP signature

Reply via email to