abilities of the sender.
* In MSG3/MSG4: a 16-bit integer being the sender's MTU, or zero.
(In other messages: nothing.) See below.
+ * In MSG2/MSG3: a list of the peer's public keys that the sender will
+ accept: (i) a 1-byte integer count (ii) that many 5-byte key ids.
+ If not present, implicitly only the special key id 0000000000.
+ * In MSG3/MSG4: an 8-bit integer being an index into the
+ receiver's public key acceptance list, with which the message
+ is signed. If not present, implicitly the key id 00000000000.
* More data which is yet to be defined and which must be ignored
by receivers.
The optional additional data after the receiver's name is not
1. Early capability flags must be advertised in MSG1 or MSG2, as
applicable. If MSG3 or MSG4 advertise any "early" capability bits,
- MSG1 or MSG3 (as applicable) must have advertised them too. Sadly,
- advertising an early capability flag will produce MSG1s which are
- not understood by versions of secnet which predate the capability
- mechanism.
+ MSG1 or MSG3 (as applicable) must have advertised them too.
-2. Late capability flags are advertised in MSG2 or MSG3, as
- applicable. They may also appear in MSG1, but this is not
- guaranteed. MSG4 must advertise the same set as MSG2.
+2. Late capability flags may be advertised only in MSG2 or MSG3, as
+ applicable. They are only in MSG1 with newer secnets; older
+ versions omit them. MSG4 must advertise the same set as MSG2.
Currently, the low 16 bits are allocated for negotiating bulk-crypto
transforms. Bits 8 to 15 are used by Secnet as default capability
interrupted by a restart is limited to the key exchange total
retransmission timeout, rather than also including the key exchange
retry timeout.
+
+
+--
+This file is part of secnet.
+See LICENCE and CREDITS for full list of copyright holders.
+SPDX-License-Identifier: GPL-3.0-or-later
+There is NO WARRANTY.
~ianmdlvl / secnet.git / blobdiff