Yoav, > The QCD token depends on the IKE SPIs. The Initiator SPI is sent in the > request, but the Responder SPI is sent in the response. Because of this, > the Initiator cannot calculate the QCD token when sending the rekey request. > The responder, however, has both IKE SPIs, and is able to send the QCD token > in the CREATE_CHILD_SA response.
Aah, right, that makes sense. > I can add a bullet point there saying something like "The method of token > generation MUST be such, that a collision of QCD tokens between different > pairs of IKE SPI will be highly unlikely." Is that satisfactory? Yes, thanks! Scott Moonen (smoo...@us.ibm.com) z/OS Communications Server TCP/IP Development http://www.linkedin.com/in/smoonen From: Yoav Nir <y...@checkpoint.com> To: Scott C Moonen/Raleigh/i...@ibmus Cc: Yaron Sheffer <yaronf.i...@gmail.com>, IPsecme WG <ipsec@ietf.org>, "ipsec-boun...@ietf.org" <ipsec-boun...@ietf.org> Date: 08/13/2010 03:34 PM Subject: Re: [IPsec] Failure detection proposals, stage 2 On Aug 13, 2010, at 10:07 PM, Scott C Moonen wrote: > I've looked over the two drafts. My summary impression is that I prefer QCD, albeit for subjective reasons. It is less complicated and therefore simpler to implement and test. I think I would have a higher degree of confidence in planning it for our implementation, and I suspect it would see more quick and widespread use. > > Some comments/questions for the individual drafts: > > QCD: > (1) Why can't the N(QCD_TOKEN) appear in the CREATE_CHILD_SA request message for rekeying the IKE SA? > The QCD token depends on the IKE SPIs. The Initiator SPI is sent in the request, but the Responder SPI is sent in the response. Because of this, the Initiator cannot calculate the QCD token when sending the rekey request. The responder, however, has both IKE SPIs, and is able to send the QCD token in the CREATE_CHILD_SA response. > (2) The draft (perhaps in the section 5 intro) should emphasize that the tokens MUST be produced in such a way that different IKE SPI pairs are unlikely to share the same token value. > I can add a bullet point there saying something like "The method of token generation MUST be such, that a collision of QCD tokens between different pairs of IKE SPI will be highly unlikely." Is that satisfactory? I will leave it to others to answer for SIR.
<<inline: graycol.gif>>
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
