1$OpenBSD: QUESTIONS,v 1.5 2003/11/05 12:31:21 jmc Exp $ 2$EOM: QUESTIONS,v 1.12 1998/10/11 17:11:06 niklas Exp $ 3 4Does the spec limit the count of SA payloads in a message? Where if so? 5[ Only the specific IKE main mode does. In the IKE spec.] 6 7The message ID field of the header, can it be considered a SA identifier 8if used together with the cookiepair? [Yes, it is meant to be that] 9 10DOI 0, what protocols are defined for it? Where? 11 12Isn't this a potential DOS attack: 13Hostile user listens for ISAKMP traffic, and then extracts cookiepairs 14and message IDs which he uses to flood any of the peers with spoofed 15packets pretending to be the other one. Most probably these packets will 16result in error notifications which potentially result in SA tear-down? 17Maybe should notifications never be issued for erroneous packets which 18cannot be authenticated? Or should we not tear down SAs as results of 19notifications? 20 21Certicom claims to hold licenses for Elliptic Curve Cryptography? Does this 22concern us? See: http://grouper.ieee.org/groups/1363/P1363/patents.html 23 24Main mode when using public key encryption authentication does not look 25like an identity protection exchange to me. Must I really get rid of 26the generic ISAKMP payload presense tests? 27 28IV generation is not described precisely in Appendix B of -oakley-08.txt: 29'Subsequent messages MUST use the last CBC encryption block from the previous 30message as their IV'. This probably means that we take the new IV from the 31last encrypted block of the last message we sent. The SSH testing site uses 32the last block from the last message they received. This is probably not 33what was meant and should be clarified on ipsec@tis.com. 34[ From what we have gathered this is what is meant. ] 35