[anonsec] details of IKE/IPsec channel binding
Nicolas Williams
Nicolas.Williams at sun.com
Wed Mar 21 10:06:35 PDT 2007
On Wed, Mar 21, 2007 at 05:46:03PM +0100, Michael Richardson wrote:
> At lunch I was discussing the question of what the IKE/IPsec channel binding blog would be.

I think you meant "blob" not "blog" :)

We've discussed this before and the answer is:

 - the public key values of the two peers concatenated in this order:

      channel initiator || channel acceptor

   or some similar transformation of those two values.

The connection latching I-D doesn't state this, but _could_ state this.
I'd expected to put this into a separate document.

Nico
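
Added example, not part of the original message and not taken from the connection latching I-D: a sketch of building the blob as "channel initiator || channel acceptor" and of one possible "similar transformation". The length-prefixed SHA-256 form, the function names and the sample key bytes are assumptions made for illustration; the message specifies none of them.

```python
import hashlib
import hmac
import struct


def raw_concat(initiator_pub: bytes, acceptor_pub: bytes) -> bytes:
    """Literal form from the message: channel initiator || channel acceptor."""
    return initiator_pub + acceptor_pub


def _length_prefixed(value: bytes) -> bytes:
    # A 4-byte big-endian length keeps the boundary between the keys unambiguous.
    return struct.pack(">I", len(value)) + value


def channel_binding(initiator_pub: bytes, acceptor_pub: bytes) -> bytes:
    """Assumed 'similar transformation': SHA-256 over the length-prefixed keys,
    initiator first. Not specified by the message or the I-D."""
    data = _length_prefixed(initiator_pub) + _length_prefixed(acceptor_pub)
    return hashlib.sha256(data).digest()


def bindings_match(local: bytes, peer: bytes) -> bool:
    # Constant-time comparison of the two ends' binding values.
    return hmac.compare_digest(local, peer)


# Constructed sample key encodings (placeholders, not real keys).
INITIATOR_PUB = bytes.fromhex("aa" * 32)
ACCEPTOR_PUB = bytes.fromhex("bb" * 32)
OTHER_PUB = bytes.fromhex("cc" * 32)


def demo() -> dict:
    initiator_view = channel_binding(INITIATOR_PUB, ACCEPTOR_PUB)
    acceptor_view = channel_binding(INITIATOR_PUB, ACCEPTOR_PUB)
    # An end that saw a different peer key computes a different binding.
    mismatched_view = channel_binding(OTHER_PUB, ACCEPTOR_PUB)
    return {
        "same_channel": bindings_match(initiator_view, acceptor_view),
        "different_peer_key": bindings_match(initiator_view, mismatched_view),
        # Swapping roles changes the value, so both ends must agree on order.
        "roles_swapped": bindings_match(
            initiator_view, channel_binding(ACCEPTOR_PUB, INITIATOR_PUB)),
        # Plain concatenation of variable-length encodings can collide.
        "raw_concat_ambiguous": raw_concat(b"AB", b"C") == raw_concat(b"A", b"BC"),
    }


if __name__ == "__main__":
    print(demo())
```

With fixed-length key encodings the plain concatenation is unambiguous; the length prefix only matters when encodings can vary in length.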