[anonsec] details of IKE/IPsec channel binding
Julien Laganier
julien.IETF at laposte.net
Tue Apr 3 06:26:42 PDT 2007
On Wednesday 21 March 2007 18:06, Nicolas Williams wrote:
> On Wed, Mar 21, 2007 at 05:46:03PM +0100, Michael Richardson wrote:
> > At lunch I was discussing the question of what the
> > IKE/IPsec channel binding blog would be.
>
> I think you meant "blob" not "blog" :)
>
> We've discussed this before and the answer is:
>
> - the public key values of the two peers
> concatenated in this order: channel initiator ||
> channel acceptor
>
> or some similar transformation of those two values.
You might also want to do something similar to what HIP does:
min(pk_i, pk_r) || max(pk_i, pk_r)
so that the channel bindings between two peers are independent from who
initiated the IKE exchange.
--julien
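
The two constructions discussed in this thread, side by side, as an added example that is not part of the original message or of any IKE/IPsec implementation. The `Exchange` type, the function names and the sample key bytes are constructed for illustration, and min/max is assumed to be a bytewise comparison of the encoded keys.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Exchange:
    """One IKE exchange, reduced to the two peers' encoded public keys."""
    pk_initiator: bytes
    pk_acceptor: bytes


def role_ordered_binding(ex: Exchange) -> bytes:
    # Quoted proposal: channel initiator || channel acceptor
    return ex.pk_initiator + ex.pk_acceptor


def symmetric_binding(ex: Exchange) -> bytes:
    # Reply's proposal: min(pk_i, pk_r) || max(pk_i, pk_r).
    # Assumption: min/max compare the encoded keys bytewise (lexicographic).
    lo, hi = sorted((ex.pk_initiator, ex.pk_acceptor))
    return lo + hi


def stable_across_role_swap(binding, pk_a: bytes, pk_b: bytes) -> bool:
    """True if the binding is identical whichever peer initiates."""
    return binding(Exchange(pk_a, pk_b)) == binding(Exchange(pk_b, pk_a))


# Constructed sample values standing in for encoded public keys.
PK_A = bytes.fromhex("04" + "1f" * 16)
PK_B = bytes.fromhex("04" + "c3" * 16)

if __name__ == "__main__":
    for name, fn in (("initiator || acceptor", role_ordered_binding),
                     ("min || max", symmetric_binding)):
        first = fn(Exchange(PK_A, PK_B))   # A initiates
        second = fn(Exchange(PK_B, PK_A))  # B initiates
        print(f"{name:22} A-initiated: {first.hex()}")
        print(f"{name:22} B-initiated: {second.hex()}")
        print(f"{name:22} same binding: {stable_across_role_swap(fn, PK_A, PK_B)}")
```

Within a single exchange both peers know who initiated, so either construction gives the two ends the same value; the difference only shows when the same pair of peers meets again with the roles reversed.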