Earlier, Section 1.3 also had this bug (but it was fixed in -02). I'd suggest rephrasing this the same way as 1.3:
OLD: "If the guess turns out to be wrong, the responder will indicate the correct group in the response and the initiator SHOULD pick an element of that group for its KE value when retrying the first message."

NEW: "If the responder selects a proposal using a different Diffie-Hellman group (other than NONE), the responder will indicate the correct group in the response and the initiator SHOULD pick an element of that group for its KE value when retrying the first message."

Best regards,
Pasi

________________________________
From: [email protected] [mailto:[email protected]] On Behalf Of ext Yaron Sheffer
Sent: 03 March, 2009 20:18
To: [email protected]
Subject: [IPsec] Issue #6: DH proposal and INVALID_KE_PAYLOAD

http://trac.tools.ietf.org/wg/ipsecme/trac/ticket/6

Yaron: Section 3.3.6, second paragraph: Assume a CREATE_CHILD_SA packet is received with

  SA payload
    proposal 1 D-H=2 ...
    proposal 2 D-H=0 ...
  KE payload D-H=2 ...

Assume the responder wants to pick proposal number 2. Because the KE payload refers to D-H=2, the responder must return INVALID_KE_PAYLOAD, even though the responder could just select proposal 2 and omit the KE payload in the response.

Paul: Sending INVALID_KE_PAYLOAD in this case certainly wasn't the intent, but you're right that the text doesn't explicitly say this.

Yaron: Should we say something like:

An exception is the case where one of the proposals offered is for D-H group NONE. In this case, the responder MUST ignore the initiator's KE payload and omit the KE payload from the response.
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
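The responder decision discussed in the thread (pick a proposal; if its group is NONE, ignore the initiator's KE payload and omit KE from the reply; if it is a different non-NONE group, return INVALID_KE_PAYLOAD naming the correct group), as an added Python example that is not part of the original messages. The Proposal/Response types, the preference-ordered selection policy and the NO_PROPOSAL_CHOSEN fallback are assumptions made for the illustration.

```python
from dataclasses import dataclass
from typing import List, Optional

DH_NONE = 0  # IKEv2 Diffie-Hellman group "NONE"


@dataclass
class Proposal:
    number: int
    dh_group: int  # 0 means NONE: no KE exchange for this proposal


@dataclass
class Response:
    notify: str                     # "ACCEPT", "INVALID_KE_PAYLOAD" or "NO_PROPOSAL_CHOSEN"
    proposal: Optional[int] = None  # proposal number chosen (ACCEPT only)
    ke_group: Optional[int] = None  # group of the KE payload in the reply; None = KE omitted


def select_proposal(proposals: List[Proposal], preferred: List[int]) -> Optional[Proposal]:
    """Assumed responder policy: walk the responder's own preference list and
    take the first offered proposal that uses that group."""
    for group in preferred:
        for p in proposals:
            if p.dh_group == group:
                return p
    return None


def respond(proposals: List[Proposal], ke_group: int, preferred: List[int]) -> Response:
    """Decide the CREATE_CHILD_SA reply from the offered proposals, the group of
    the initiator's KE payload and the responder's preference order."""
    chosen = select_proposal(proposals, preferred)
    if chosen is None:
        return Response("NO_PROPOSAL_CHOSEN")
    if chosen.dh_group == DH_NONE:
        # Exception proposed in the thread: the initiator's KE payload is
        # ignored and the reply carries no KE payload at all.
        return Response("ACCEPT", chosen.number, None)
    if chosen.dh_group != ke_group:
        # Initiator guessed a different (non-NONE) group: tell it which group
        # to use so it can retry the first message with a matching KE value.
        return Response("INVALID_KE_PAYLOAD", None, chosen.dh_group)
    return Response("ACCEPT", chosen.number, chosen.dh_group)


# Constructed sample from the ticket: two proposals, KE payload for group 2.
OFFER = [Proposal(1, 2), Proposal(2, DH_NONE)]

if __name__ == "__main__":
    print(respond(OFFER, 2, [DH_NONE, 2]))  # ACCEPT proposal 2, KE omitted
    print(respond(OFFER, 2, [2, DH_NONE]))  # ACCEPT proposal 1, KE group 2
```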
