message is sent.
- When too many SPI values are already in use for this particular
peer, or too many concurrent exchanges are in progress, or some
other resource limit is reached, a Resource_Limit message is sent.
- When an invalid Scheme-Choice is detected, or the Exchange-Value
is obviously defective, or the variable length Offered-Attributes
do not match the UDP Length, the message is silently discarded;
the implementation SHOULD log the occurrence, and notify an
operator as appropriate.
When the message is valid, the Responder sets its Exchange timer to
the Exchange TimeOut, and returns a Value_Response.
The Responder keeps a copy of the incoming Value_Request cookie pair,
and its Value_Response. If a duplicate Value_Request is received, it
merely resends its previous Value_Response, and takes no further
action.
4.0.3. Send Value_Response
The Responder generates an appropriate Exchange-Value for the
Scheme-Choice. This Exchange-Value may be pre-calculated and used
for multiple Initiators.
The IP Source for the Initiator is examined, and the attributes
available between the parties are listed in the Offered-Attributes.
Implementation Notes:
At this time, the Responder begins calculation of the shared-
secret. Calculation of the shared-secret is executed in parallel
to minimize delay.
This may take a substantial amount of time. The implementor
should ensure that retransmission is not blocked by this
calculation. This is not usually a problem, as retransmission
timeouts typically exceed calculation time.
Karn & Simpson Experimental [Page 22]
RFC 2522 Photuris Protocol March 1999
4.0.4. Receive Value_Response
The Initiator validates the pair of Cookies, the Exchange-Value, and
the Offered-Attributes.
- When an invalid/expired cookie is detected, the message is
silently discarded.
- When the Exchange-Value is obviously defective, or the variable
length Offered-Attributes do not match the UDP Length, the message
is silently discarded; the implementation SHOULD log the
occurrence, and notify an operator as appropriate.
- Once a valid message has been received, later Value_Responses with
both matching cookies are also silently discarded, until a new
Cookie_Request is sent.
When the message is valid, the Initiator begins its parallel
computation of the shared-secret.
When the Initiator completes computation, it sends an
Identity_Request to the Responder.
4.1. Value_Request
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
~ Initiator-Cookie ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
~ Responder-Cookie ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Message | Counter | Scheme-Choice |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
~ Initiator-Exchange-Value ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Initiator-Offered-Attributes ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
Initiator-Cookie 16 bytes. Copied from the Cookie_Response.
Responder-Cookie 16 bytes. Copied from the Cookie_Response.
Message 2
Counter 1 byte. Copied from the Cookie_Response.
Scheme-Choice 2 bytes. A value selected by the Initiator from the
list of Offered-Schemes in the Cookie_Response.
Only the Scheme is specified; the Size will match
the Initiator-Exchange-Value, and the Value(s) are
implicit.
Initiator-Exchange-Value
Variable Precision Integer. Provided by the
Initiator for calculating a shared-secret between
the parties. The Value format is indicated by the
Scheme-Choice.
The field may be any integral number of bytes in
length, as indicated by its Size field. It does not
require any particular alignment. The 32-bit
alignment shown is for convenience in the
illustration.
Initiator-Offered-Attributes
4 or more bytes. A list of Security Parameter
attributes supported by the Initiator.
The contents and usage of this list are further
described in "Offered Attributes List". The end of
the list is indicated by the UDP Length.
4.2. Value_Response
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
~ Initiator-Cookie ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
~ Responder-Cookie ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Message | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
~ Responder-Exchange-Value ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Responder-Offered-Attributes ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
Initiator-Cookie 16 bytes. Copied from the Value_Request.
Responder-Cookie 16 bytes. Copied from the Value_Request.
Message 3
Reserved 3 bytes. For future use; MUST be set to zero when
transmitted, and MUST be ignored when received.
Responder-Exchange-Value
Variable Precision Integer. Provided by the
Responder for calculating a shared-secret between
the parties. The Value format is indicated by the
current Scheme-Choice specified in the
Value_Request.
The field may be any integral number of bytes in
length, as indicated by its Size field. It does not
require any particular alignment. The 32-bit
alignment shown is for convenience in the
illustration.
Responder-Offered-Attributes
4 or more bytes. A list of Security Parameter
attributes supported by the Responder.
The contents and usage of this list are further
described in "Offered Attributes List". The end of
the list is indicated by the UDP Length.
4.3. Offered Attribute List
This list includes those attributes supported by the party that are
available to the other party. The attribute formats are specified in
the "Basic Attributes".
The list is composed of two or three sections: Identification-
Attributes, Authentication-Attributes, and (optional) Encapsulation-
Attributes. Within each section, the attributes are ordered from
most to least preferable.
The first section of the list includes methods of identification. An
Identity-Choice is selected from this list.
The second section of the list begins with "AH-Attributes" (#1). It
includes methods of authentication, and other operational types.
The third section of the list begins with "ESP-Attributes" (#2). It
includes methods of authentication, compression, encryption, and
other operational types. When no Encapsulation-Attributes are
offered, the "ESP-Attributes" attribute itself is omitted from the
list.
Attribute-Choices are selected from the latter two sections of the
list.
Support is required for the "MD5-IPMAC" (#5) attribute for both
"Symmetric Identification" and "Authentication" and they SHOULD be
present in every Offered-Attributes list.
Implementation Notes:
For example,
"MD5-IPMAC" (Symmetric Identification),
"AH-Attributes",
"MD5-IPMAC" (Authentication).
Since the offer is made by the prospective SPI User (sender),
order of preference likely reflects the capabilities and
engineering tradeoffs of a particular implementation.
However, the critical processing bottlenecks are frequently in the
receiver. The SPI Owner (receiver) may express its needs by
choosing a less preferable attribute.
The order may also be affected by operational policy and requested
services for an application. Such considerations are outside the
scope of this document.
The list may be divided into additional sections. These sections
will always follow the ESP-Attributes section, and are
indistinguishable from unrecognized attributes.
The authentication, compression, encryption and identification
mechanisms chosen, as well as the encapsulation modes (if any),
need not be the same in both directions.
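The following is an added illustration, not code from RFC 2522 or any Photuris implementation: it splits an Offered-Attributes list into the Identification, AH and ESP sections described in Section 4.3, rejects a list whose encoded lengths do not line up with the UDP Length (the case Sections 4.0.2 and 4.0.4 say to discard silently), and checks the SHOULD that MD5-IPMAC (#5) appears in the first two sections. It assumes the "Basic Attributes" encoding is a 1-byte Attribute number followed by a 1-byte Length and that many value bytes; that format is defined elsewhere in the RFC, not on this page.

```python
# Added example (not from RFC 2522): section an Offered-Attributes list.
from dataclasses import dataclass, field

AH_ATTRIBUTES = 1    # "AH-Attributes" (#1) opens the authentication section
ESP_ATTRIBUTES = 2   # "ESP-Attributes" (#2) opens the optional encapsulation section
MD5_IPMAC = 5        # "MD5-IPMAC" (#5), SHOULD be in the first two sections

@dataclass
class OfferedAttributes:
    identification: list = field(default_factory=list)
    authentication: list = field(default_factory=list)
    encapsulation: list = field(default_factory=list)
    has_esp_section: bool = False

def parse_attribute_list(data: bytes) -> OfferedAttributes:
    """Split the list into its sections, preserving preference order.
    ASSUMPTION: each attribute is 1-byte Attribute, 1-byte Length, Length
    bytes of Value. A ValueError means the bytes do not match the UDP
    Length; per Section 4.0.2 the receiver silently discards and logs."""
    if len(data) < 4:
        raise ValueError("Offered-Attributes must be 4 or more bytes")
    offer = OfferedAttributes()
    section = offer.identification
    pos = 0
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("truncated attribute header")
        attr, length = data[pos], data[pos + 1]
        pos += 2
        if pos + length > len(data):
            raise ValueError("attribute value overruns UDP Length")
        value = data[pos:pos + length]
        pos += length
        if attr == AH_ATTRIBUTES and section is offer.identification:
            section = offer.authentication      # second section begins
            continue
        if attr == ESP_ATTRIBUTES and not offer.has_esp_section:
            offer.has_esp_section = True
            section = offer.encapsulation       # third (optional) section
            continue
        section.append((attr, value))           # later sections look like unknown attrs
    return offer

def check_required_attributes(offer: OfferedAttributes) -> bool:
    """MD5-IPMAC SHOULD be offered for Symmetric Identification and Authentication."""
    ident = any(a == MD5_IPMAC for a, _ in offer.identification)
    auth = any(a == MD5_IPMAC for a, _ in offer.authentication)
    return ident and auth

# Constructed sample: MD5-IPMAC | AH-Attributes | MD5-IPMAC | ESP-Attributes | attr #3
SAMPLE = bytes([5, 0, 1, 0, 5, 0, 2, 0, 3, 0])
```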
5. Identification Exchange
Initiator Responder
========= =========
Identity_Request ->
make SPI
pick SPI attribute(s)
identify self
authenticate
make privacy key(s)
mask/encrypt message
<- Identity_Response
make SPI
pick SPI attribute(s)
identify self
authenticate
make privacy key(s)
mask/encrypt message
[make SPI