* * * *
Section 1.2. The Initial Exchanges Communication using IKE always begins with IKE_SA_INIT and IKE_AUTH exchanges (known in IKEv1 as Phase 1). These initial exchanges normally consist of four messages, though in some scenarios that number can grow. All communications using IKE consist of request/ response pairs. We'll describe the base exchange first, followed by variations. The first pair of messages (IKE_SA_INIT) negotiate cryptographic algorithms, exchange nonces, and do a Diffie-Hellman exchange [DH <http://tools.ietf.org/html/draft-ietf-ipsecme-ikev2bis-05#ref-DH>]. It would be better to say Communication using *IKEv2* always begins with IKE_SA_INIT and IKE_AUTH exchanges (known in IKEv1 as Phase 1). These initial exchanges normally consist of four messages, though in some scenarios that number can grow. All communications using IKE consist of request/ response pairs. We'll describe the base exchange first, followed by variations. The first pair of messages (IKE_SA_INIT) negotiate cryptographic algorithms, exchange nonces, and do a Diffie-Hellman exchange [DH <http://tools.ietf.org/html/draft-ietf-ipsecme-ikev2bis-05#ref-DH>]. Even though IKE has been used before this section where it is meant as IKEv2. So, also we can say like. "IKE and IKEv2 has been used interchangeably". But some place IKE is refer'd as generic protocol. So, mentioning IKE, IKEv1 and IKEv2 need to be done. Thanks & Regards, Raj On Fri, Jan 15, 2010 at 2:01 PM, Tero Kivinen <kivi...@iki.fi> wrote: > Scott C Moonen writes: > > > Section 1.4 says that > > > > > > INFORMATIONAL exchanges MUST ONLY occur > > > after the initial exchanges and are cryptographically protected with > > > the negotiated keys. > > > > > > This does not match the 1.5 which says we can send INFORMATIONAL > > > exchanges also outside the IKE SA. > > > > I think that section 1.5 is pretty careful to distinguish between > > informational messages (sent outside the IKE SA) and informational > > exchanges (which occur only within the context of an IKE SA). I'm > > inclined to keep the Section 1.4 text as it is. If you prefer, though, > > I'd be ok with clarifying Section 1.4 to say "INFORMATIONAL exchanges (to > > be distinguished from INFORMATIONAL messages sent outside the context of > > an IKE SA) . . ." > > That change looks even better than my proposed one... > -- > kivi...@iki.fi > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec >
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
