H.324 and laptop kits

Mathieu Weill Mathieu_Weill at INMARSAT.ORG
Wed Jul 1 11:39:22 EDT 1998


Security is an optional feature, so no endpoint should be required to
send ICVs.

Does that help, or ruin your plan!?


Pete Cordell
BT Labs
E-Mail: pete.cordell at bt-sys.bt.co.uk
Tel: +44 1473 646436
Fax: +44 1473 645499

>From:  Bancroft Scott[SMTP:baos at OSS.COM]
>Sent:  30 June 1998 21:21
>Subject:       Re: ASN.1 accross revisions
>On Tue, 30 Jun 1998, Pete Cordell wrote:
>> I admit that I am only just hanging in there with this debate, but I
>> think I have a possible solution 5 to throw in as a contender.
>> Looking at the problem a bit laterally, we have RasMessage in UDP
>> packets that we want to sign, and H323-UserInformation in the UUIE that
>> we want to sign.  Currently these are the only chunks of ASN.1 in these
>> fields.
>> We could add a second piece of ASN.1 into these fields (UDP packet and
>> UUIE) that contains the signatures, such as:
>> H323Extra ::= CHOICE
>> {
>>       icv     ICV,
>>       ...
>> }
>> This would be a separate ASN.1 tree.  Therefore in a RAS UDP packet you
>> would get:
>>       RasMessage chunk of ASN.1
>>       H323Extra chunk of ASN.1 typically containing signature
>> Similarly in the UUIE, you would have
>>       H323-UserInformation chunk of ASN.1
>>       H323Extra chunk of ASN.1
>> Note that all the key ids and time stamps etc., would remain in the
>> RasMessage and H323-UserInformation parts (so they get signed).
>> I agree this is not beautiful, but it does not require multiple ASN.1
>> encodings, and doesn't radically change the format of the message
>> depending on whether you want to sign it or not (as solution 4 seems
>> to).
>This crossed my mind a couple days ago, but it is not clear how this
>be backward compatible.  That is, how would an older version handle
>added information that comes after the H323-UserInformation?  I like
>general idea, but if I am not mistaken it is not backward compatible.
>I have an idea as to how to do as you suggest in a backward compatible
>manner, but before I go down that path I need to know the answer to
>the question: Are the most recent implementations that know of H.323
>required to transmit an ICV with each RasMessage or
>Bancroft Scott                                Toll Free
>Open Systems Solutions, Inc.
>baos at oss.com                                  Tech Support
>http://www.oss.com                            Fax

More information about the sg16-avd mailing list