> On 27 Sep 2016, at 2:42 PM, Valery Smyslov <[email protected]> wrote:
>
> Hi Alexey,
>
> payload type for the Puzzle Solution Payload is specified in the last sentence
> of Section 8.2:
>
> The payload type for the Puzzle Solution payload is <TBA by IANA>.
>
> It is not included in the diagram in this section since the "Next Payload"
> field in generic payload header contains the type of the following payload,
> not the type of payload the diagram depicts.
But it is depicted in sections 7.1.2 and 7.2.2. In both cases denoted as PS
(=puzzle solution):
From 7.1.2:
If the Initiator supports puzzles and is ready to solve them, then it
tries to solve the given puzzle. After the puzzle is solved the
Initiator restarts the request and returns back to the Responder the
puzzle solution in a new payload called a Puzzle Solution payload
(denoted as PS, see Section 8.2) along with the received COOKIE
notification.
HDR, N(COOKIE), [PS,] SA, KE, Ni, [V+][N+] —>
From 7.2.2:
If the IKE_SA_INIT response message contains the PUZZLE notification
and the Initiator supports puzzles, it MUST solve the puzzle. Note,
that puzzle construction in the IKE_AUTH exchange differs from the
puzzle construction in the IKE_SA_INIT exchange and is described in
Section 7.2.3. Once the puzzle is solved the Initiator sends the
IKE_AUTH request message, containing the Puzzle Solution payload.
HDR, PS, SK {IDi, [CERT,] [CERTREQ,]
[IDr,] AUTH, SA, TSi, TSr} -->
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
