[strongSwan] When is DH re-negotiated ?
graham.hudspith at gmail.com
Thu Mar 24 13:58:16 CET 2011
Thanks for the reply. Couple of follow-ons ...
On 24 March 2011 12:15, Martin Willi <martin at strongswan.org> wrote:
> > Here, for our initiators, we give this choice to the SeGW by
> > specifying that we accept either (e.g. "aes-sha1-modp1024,aes-sha1!").
> > My understanding is that by specifying the above, we are leaving it up
> > to the SeGW to choose whether to always re-negotiate the DH when the
> > CHILD_SA is rekeyed (by sending back to us "aes-sha1-modp1024") or to
> > never re-negotiate the DH when the CHILD_SA is rekeyed (by sending
> > back to us "aes-sha1").
> As long as the rekeying is always initiated by the SeGW, your
> understanding is correct.
In this case, I believe that it is always us (the client) that initiates
rekeying. So, by proposing "aes-sha1-modp1024,aes-sha1!", you could say that
we are giving the SeGW a choice of whether it wants us to perform a DH or
non-DH CHILD_SA rekey ?
> So, if the former, does this mean that a new DH is re-negotiated
> > everytime we rekey the CHILD_SA AND a new DH is re-negotiated
> > everytime we rekey the IKE_SA ?
> > If the latter, does this mean that a new DH is re-negotiated ONLY when
> > we rekey the IKE_SA ?
> > Finally, if the latter, can the SeGW vary when the DH is re-negotiated
> > (i.e. re-negotiate the DH every THIRD time the CHILD_SA is rekeyed) ?
> Yes, yes. And yes ;-).
So, if we propose "aes-sha1-modp1024,aes-sha1!" and the SeGW returns
"aes-sha1" and it is up to us whether or not we actually perform a DH or
non-DH CHILD_SA rekey, it would probably be rude for us to attempt a DH
CHILD_SA rekey when the SeGW has indicated a preference for a non-DH one ?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users