Thread Links Date Links
Thread Prev Thread Next Thread Index Date Prev Date Next Date Index

[STDS-802-16] Question about SA-TEK-Response in Rev2-D0b



This is probably a bad time to ask, just after a plenary but here it is..

 

In D0b, there is a change to SA-TEK-Response (6.3.2.3.9.20), Table 71, that adds a TLV onto the end of the message “PKMv2 Configuration Settings (11.9.36)”.

 

This comes after the HMAC/CMAC Digest.

 

It’s normal for the digest to come last and 11.1.2 mandates that it is.

11.1.2 Authentication tuples

An authentication tuple shall be the last item in identified management messages.

 

So I have two questions.

1)       Why isn’t the PKMv2 Configuration Settings TLV the last-but-one TLV in Table 71? It seems misleading to list is last.

2)       Why is it there at all?

 

Thanks

DJ

 

 

----

David Johnston.

Wireless Security Architect. Intel Corporation

dj.johnston@intel.com

 

Cell: 503 380 5578

Desk: 503 712 4457