Hello!

Although we don't have the final H.225.0 version yet, I have questions regarding the following definition:

CryptoH323Token::= CHOICE { cryptoEPPwdHash SEQUENCE { alias AliasAddress, -- alias of entity generating hash timeStamp TimeStamp, -- timestamp used in hash token HASHED { EncodedPwdCertToken -- generalID set to 'alias' -- } }, cryptoGKPwdHash SEQUENCE { gatekeeperId GatekeeperIdentifier, -- GatekeeperID of GK generating hash timeStamp TimeStamp, -- timestamp used in hash token HASHED { EncodedPwdCertToken -- generalID set to Gatekeeperid -- } }, cryptoEPPwdEncr ENCRYPTED { EncodedPwdCertToken -- generalID set to Gatekeeperid --}, cryptoGKPwdEncr ENCRYPTED { EncodedPwdCertToken -- generalID set to Gatekeeperid --}, cryptoEPCert SIGNED { EncodedPwdCertToken -- generalID set to Gatekeeperid -- }, cryptoGKCert SIGNED { EncodedPwdCertToken -- generalID set to alias -- }, cryptoFastStart SIGNED { EncodedFastStartToken }, nestedcryptoToken CryptoH323Token, ... }

1. What is the meaning a recursive definition of "nestedcryptoToken" as a

Orit, The idea behind the nested 'cryptoToken' was specifically to allow for any of the pre-defined tokens to be 'double-wrapped' as one of the choices. In terms of redifining this as a sequence, that is allowed for by the parent structures that include the CryptoH323Token as a 'SEQUENCE OF'. With reference to the 'inconsistencies' you are correct, the comments are a bit mixed up. They should look like the following. jimt. { cryptoEPPwdHash SEQUENCE { alias AliasAddress, -- alias of entity generating hash timeStamp TimeStamp, -- timestamp used in hash token HASHED { EncodedPwdCertToken -- generalID set to GatekeeperId -- } }, ^^^^^^^^^^^ cryptoGKPwdHash SEQUENCE { gatekeeperId GatekeeperIdentifier, -- GatekeeperID of GK generating hash timeStamp TimeStamp, -- timestamp used in hash token HASHED { EncodedPwdCertToken -- generalID set to alias -- } }, ^^^^^^^ cryptoEPPwdEncr ENCRYPTED { EncodedPwdCertToken -- generalID set to Gatekeeperid --}, cryptoGKPwdEncr ENCRYPTED { EncodedPwdCertToken -- generalID set to alias --}, ^^^^^^ cryptoEPCert SIGNED { EncodedPwdCertToken -- generalID set to Gatekeeperid -- }, cryptoGKCert SIGNED { EncodedPwdCertToken -- generalID set to alias -- }, cryptoFastStart SIGNED { EncodedFastStartToken }, nestedcryptoToken CryptoH323Token, ... } At 12:17 PM 2/10/98 -0500, you wrote: part of the general CHOICE clause? Shouldn't it be like it is shown below (i.e. providing a "layered" encription) , for example?

CryptoH323Token::= SEQUENCE { cryptoNewName CHOICE { cryptoEPPwdHash SEQUENCE {}, cryptoGKPwdHash SEQUENCE {}, cryptoEPPwdEncr ENCRYPTED { EncodedPwdCertToken -- generalID set to Gatekeeperid --}, . . . cryptoFastStart SIGNED { EncodedFastStartToken }, ... } nestedcryptoToken CryptoH323Token }

2. It seems that there are at least two inconsistencies regarding the two following definitions "generalID set to Gatekeeperid" and "generalID set to alias" in the clause above. Please, revise the remarks for the following fields: cryptoEPPwdEncr cryptoGKPwdEncr cryptoEPCert cryptoGKCert

Thank you, Orit Levin RADVision Inc. E Mail: orit@radvision.com 575 Corporate Dr., Suite 420 Tel: 201-529-4300 ext. 230 Mahwah, NJ 07430 Fax: 201-529-3516

************************************************************************* *** +1-503-264-8816(voice) +1-503-264-3485(fax) *** *** jtoga@ideal.intel.com Intel - Hillsboro, OR. *** *** PGP keyID 36 07 86 49 7D 74 DF 57 50 CB BA 32 08 9C 7C 41*** *************************************************************************