3.4 CGA Authentication Details

Using the notation as specified in [RFC2409] section 3.2, the generalized form of an IKE phase 1 exchange using certificates is as shown in the following figure. For more information, see [RFC2409] section 5.1.

Figure 3: IKE phase 1 exchange using certificates

The CGA Authentication Protocol extension uses the same exchanges as an IKE phase 1 certificate exchange. The description in this section uses the message numbers from the protocol sequence diagram above.

The ID_IPV6_CGA identification type packet (section 2.2.5) does not contain the subnet. The subnet is determined by using the following algorithm.

  1. Compare the first 4 bytes of the CGA address with the well-known prefix 0x3f, 0xfe, 0x83, 0x1e to determine the prefix length. If the bytes match, the prefix length is 88 bits; otherwise, the prefix length is 64 bits.

  2. Using that prefix length, the subnet is the leftmost prefix-length bits of the CGA address carried in the peer's ID_IPV6_CGA packet; the remaining (interface identifier) bits are not part of the subnet.
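The following is an added worked example of the two-step subnet derivation above, written for this page and not taken from the specification or from any Windows implementation. It assumes the 16-byte IPv6 address is available exactly as carried in the ID_IPV6_CGA identification payload; the function and constant names are the example's own, and the sample addresses are constructed for illustration.

```python
import ipaddress

# Well-known prefix from the specification: if the first four bytes of the
# CGA address match it, the prefix length is 88 bits, otherwise 64 bits.
WELL_KNOWN_PREFIX = bytes([0x3f, 0xfe, 0x83, 0x1e])
PREFIX_LEN_WELL_KNOWN = 88
PREFIX_LEN_DEFAULT = 64


def cga_prefix_length(address: ipaddress.IPv6Address) -> int:
    """Step 1: pick the prefix length from the leading four bytes."""
    if address.packed[:4] == WELL_KNOWN_PREFIX:
        return PREFIX_LEN_WELL_KNOWN
    return PREFIX_LEN_DEFAULT


def cga_subnet(address) -> ipaddress.IPv6Network:
    """Step 2: keep only the leftmost prefix-length bits of the address.

    `address` may be a textual IPv6 address, an IPv6Address, or the raw
    16-byte field from the ID_IPV6_CGA payload.
    """
    addr = ipaddress.IPv6Address(address)
    plen = cga_prefix_length(addr)
    # Mask with `plen` leading one-bits so the interface identifier bits are
    # cleared; the result is the subnet the peer did not transmit explicitly.
    mask = ((1 << plen) - 1) << (128 - plen)
    subnet_addr = ipaddress.IPv6Address(int(addr) & mask)
    return ipaddress.IPv6Network((subnet_addr, plen), strict=False)


def subnet_from_id_payload(field: bytes) -> ipaddress.IPv6Network:
    """Derive the subnet from the raw 16-byte address field of the payload.

    Rejects malformed lengths up front so a truncated payload cannot be
    silently interpreted as a shorter address.
    """
    if len(field) != 16:
        raise ValueError(f"expected 16-byte IPv6 address, got {len(field)} bytes")
    return cga_subnet(ipaddress.IPv6Address(field))


if __name__ == "__main__":
    # Constructed sample addresses (not from the specification).
    samples = [
        "3ffe:831e:1234:5678:9abc:def0:1234:5678",  # matches the well-known prefix
        "2001:db8:abcd:1:2:3:4:5",                   # does not match
    ]
    for text in samples:
        net = cga_subnet(text)
        print(f"{text:<42} -> /{net.prefixlen} subnet {net}")
```

Note that an 88-bit prefix does not fall on a 16-bit group boundary: for the first sample the sixth group `def0` is split, keeping `de` and clearing `f0`, which is why the derived subnet ends in `de00::`. Any comparison of this derived subnet against what the CGA hash was generated over must be done on the bit-exact value, not on the address groups as written.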