[freenet-dev] Issue with Message 2 was Re: [freenet-cvs] r15395 - in trunk/freenet/src/freenet: crypt node
Florent Daignière
nextgens at freenetproject.org
Sun Sep 30 09:13:33 UTC 2007
* Florent Daignière <nextgens at freenetproject.org> [2007-09-30 08:43:49]:
> * Matthew Toseland <toad at amphibian.dyndns.org> [2007-09-29 22:05:06]:
>
> > I don't understand message 2. We send g^i in message 1, and then we don't send
> > it back in message 2, we wait for it to be resent in message 3. Is it
> > possible that this is a mistake in the spec PDF? The internet-draft version
> > of the spec has it a little differently:
> >
> > Message 2, R->I: Ni, Nr, g^r, GRPINFOr, IDr,
> > SIG{r}(g^r), HMAC{HKr}(Ni, Nr, g^i, g^r)
> >
> > JFK pdf: http://people.csail.mit.edu/canetti/materials/jfk.pdf
> > JFK internet-draft: http://tools.ietf.org/html/draft-ietf-ipsec-jfk-00
> >
>
> I've used an other version... of the same draft :
> Message 2, R->I: Ni, Nr, g^r, GRPINFOr, IDr,
> SIG{r}(g^r, GRPINFOr), HMAC{HKr}(g^r, Nr, Ni, IPi)
>
> > AFAICS it is important that the initiator commit to a specific g^i at the
> > beginning, no? And we don't store it, so we have to send it back, and include
> > it in the authenticator?
> >
>
> The version of the paper I have doesn't do it ... but it sounds like a
> good idea to put it in the authenticator.
As of r15416 it's done
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070930/65c20076/attachment.pgp
More information about the Devl
mailing list