RFC Errata
RFC 7296, "Internet Key Exchange Protocol Version 2 (IKEv2)", October 2014
Note: This RFC has been updated by RFC 7427, RFC 7670, RFC 8247, RFC 8983, RFC 9370, RFC 9827
Source of RFC: ipsecme (sec)
Errata ID: 8407
Status: Rejected
Type: Technical
Publication Format(s): TEXT
Reported By: Yan Jia
Date Reported: 2025-05-07
Rejected by: Deb Cooley
Date Rejected: 2025-10-28
Section 2.15. says:
InitiatorSignedOctets = RealMessage1 | NonceRData | MACedIDForI
NonceRPayload = PayloadHeader | NonceRData
It should say:
InitiatorSignedOctets = RealMessage1 | Nr | MACedIDForI
NonceRPayload = PayloadHeader | Nr
Notes:
I'm not sure whether "NonceRData" and "NonceIData" refer to Nr and Ni? I searched "NonceRData" but I cannot find its definition.
BTW, because we have already included "MACedIDForI" that is generated from Nonce in InitiatorSignedOctets, can we remove "NonceRData" from InitiatorSignedOctets (assuming NonceRData is Nr)?
--VERIFIER NOTES--
The proposed change is wrong. Nr in the RFC7296 diagrams
represents the whole Nonce payload, including payload header,
while only its content is included in the authentication data.
This is expressed by the line:
NonceRPayload = PayloadHeader | NonceRData
The correct change would be:
Nr = PayloadHeader | NonceRData
However, while terms NonceRPayload, InitiatorIDPayload,
RealMessage1, etc., are not formally defined in the RFC,
the explanation text above makes it clear what is meant.
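
The distinction drawn in the verifier notes, as an added example that is not part of the erratum or of RFC 7296: the signed octets take only the content of the responder's Nonce payload (NonceRData), not the payload with its 4-octet generic header. The function names, the sample bytes and the choice of HMAC-SHA-256 as the prf are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

HDR_LEN = 4  # generic payload header: Next Payload, C/RESERVED, Payload Length


def make_payload(next_payload: int, body: bytes) -> bytes:
    """Prepend a generic payload header (Payload Length covers the header)."""
    return struct.pack("!BBH", next_payload, 0, HDR_LEN + len(body)) + body


def payload_body(payload: bytes) -> bytes:
    """Strip PayloadHeader, checking Payload Length against the actual size."""
    if len(payload) < HDR_LEN:
        raise ValueError("truncated payload header")
    length = struct.unpack("!H", payload[2:4])[0]
    if length != len(payload):
        raise ValueError("Payload Length does not match payload size")
    return payload[HDR_LEN:]


def prf(key: bytes, data: bytes) -> bytes:
    """Assumption: the negotiated prf is HMAC-SHA-256."""
    return hmac.new(key, data, hashlib.sha256).digest()


def initiator_signed_octets(real_message1, nonce_r_payload, init_id_payload, sk_pi):
    """InitiatorSignedOctets = RealMessage1 | NonceRData | MACedIDForI"""
    nonce_r_data = payload_body(nonce_r_payload)     # NonceRPayload minus header
    rest_of_init_id = payload_body(init_id_payload)  # IDType | RESERVED | InitIDData
    maced_id_for_i = prf(sk_pi, rest_of_init_id)     # MACedIDForI
    return real_message1 + nonce_r_data + maced_id_for_i


# Constructed sample values, not taken from a real exchange.
REAL_MESSAGE1 = bytes(28) + b"constructed RestOfMessage1"
NONCE_R_DATA = bytes(range(32))
NONCE_R_PAYLOAD = make_payload(0, NONCE_R_DATA)
REST_OF_INIT_ID = bytes([2, 0, 0, 0]) + b"initiator.example"  # IDType 2 = ID_FQDN
INIT_ID_PAYLOAD = make_payload(0, REST_OF_INIT_ID)
SK_PI = b"\x11" * 32

if __name__ == "__main__":
    octets = initiator_signed_octets(REAL_MESSAGE1, NONCE_R_PAYLOAD, INIT_ID_PAYLOAD, SK_PI)
    # Feeding the whole Nonce payload (header included) yields different octets.
    wrong = REAL_MESSAGE1 + NONCE_R_PAYLOAD + prf(SK_PI, REST_OF_INIT_ID)
    print(len(octets), len(wrong), octets == wrong)
```

An implementation that signs over the full Nonce payload produces octets four bytes longer than its peer expects, so AUTH verification fails even though both sides hold the same nonce.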
