Re: [IPsec] For Ahmad's benefit
"Ahmad Muhanna" <amuhanna@nortel.com> Tue, 18 November 2008 16:10 UTC
Return-Path: <ipsec-bounces@ietf.org>
X-Original-To: ipsec-archive@megatron.ietf.org
Delivered-To: ietfarch-ipsec-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 686A93A6916; Tue, 18 Nov 2008 08:10:51 -0800 (PST)
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1D3843A69CF for <ipsec@core3.amsl.com>; Tue, 18 Nov 2008 08:10:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YbdICuszfAee for <ipsec@core3.amsl.com>; Tue, 18 Nov 2008 08:10:49 -0800 (PST)
Received: from zrtps0kp.nortel.com (zrtps0kp.nortel.com [47.140.192.56]) by core3.amsl.com (Postfix) with ESMTP id CA7CF3A68E7 for <ipsec@ietf.org>; Tue, 18 Nov 2008 08:10:48 -0800 (PST)
Received: from zrc2hxm0.corp.nortel.com (zrc2hxm0.corp.nortel.com [47.103.123.71]) by zrtps0kp.nortel.com (Switch-2.2.6/Switch-2.2.0) with ESMTP id mAIGAhu15498; Tue, 18 Nov 2008 16:10:43 GMT
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Tue, 18 Nov 2008 10:10:39 -0600
Message-ID: <C5A96676FCD00745B64AE42D5FCC9B6E1BC0F99F@zrc2hxm0.corp.nortel.com>
In-Reply-To: <4922E3F4.2050805@qualcomm.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [IPsec] For Ahmad's benefit
Thread-Index: AclJlYMOYqEaNIbySbaQC5HZfjNEEAAAcvMQ
References: <4922E3F4.2050805@qualcomm.com>
From: Ahmad Muhanna <amuhanna@nortel.com>
To: Lakshminath Dondeti <ldondeti@qualcomm.com>, ipsec@ietf.org
Subject: Re: [IPsec] For Ahmad's benefit
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ipsec-bounces@ietf.org
Errors-To: ipsec-bounces@ietf.org
Hi Lakshminath, As I said, all the text you captured assumed the ticket contain a value NOT a reference. Please take a look at Pasi's posting and my reply. Basically in order to be clear enough and reduce a lot of exchange, the draft is written with one type of ticket is in mind. "TICKET with VALUE" I suggest that the draft be rewritten with both types of tickets in mind as the draft itself ALLOWS. Cheers! Regards, Ahmad > -----Original Message----- > From: ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] > On Behalf Of Lakshminath Dondeti > Sent: Tuesday, November 18, 2008 9:49 AM > To: ipsec@ietf.org > Subject: [IPsec] For Ahmad's benefit > > It's still possible that I haven't read my own draft. I just > wrote it :). So, for Ahmad's benefit, here are some excerpts: > > "This document specifies a new IKEv2 exchange type called > IKE_SESSION_RESUME whose value is TBA by IANA. This exchange is > somewhat similar to the IKE_AUTH exchange, and results in the > creation of a Child SA. " > > Here is how it looks like and you might notice the similarity > to IKE_AUTH: > > "HDR, Ni, N(TICKET_OPAQUE), [N+,] > SK {IDi, [IDr,] SAi2, TSi, TSr [, CP(CFG_REQUEST)]} -->" > > > "4.2.1. Protection of the IKE_SESSION_RESUME Exchange > > > The two messages of this exchange are protected by a > "subset" IKE SA. > The key material is derived from the ticket, as follows:" > > > So, at this point, I wonder whether the question was about > how the Session resumption exchange is protected. > > best, > Lakshminath > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec > _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
- [IPsec] For Ahmad's benefit Lakshminath Dondeti
- Re: [IPsec] For Ahmad's benefit Ahmad Muhanna
- Re: [IPsec] For Ahmad's benefit Lakshminath Dondeti