Professional Documents
Culture Documents
• All IKE payloads begin with a generic payload header, including Next
Payload and Payload Length fields.
• Table 19.3 summarizes the payload types defined for IKE, including SA,
Key Exchange, Identification, Certificate, Certificate Request, Authentication,
Nonce, and Notify payloads.
• The SA payload is used to begin the establishment of an SA and contains
multiple proposals, each with multiple protocols, transforms, and attributes.
• The Key Exchange payload is used for various key exchange techniques
and contains data required to generate a session key.
• The Identification payload determines the identity of communicating
peers and typically contains an IP address.
• The Certificate payload transfers a public-key certificate and can include
different encoding types such as X.509 certificate, PGP certificate, and more.
• The Notify payload contains error or status information associated with
the SA negotiation and can include various messages such as invalid syntax,
authentication failure, and more.