2.2 Message Syntax

The messages that NEGOEX uses are specified in [IETFDRAFT-NEGOEX-04].<2> NEGOEX uses the following message enumeration and message structures, which are documented in the specified sections:

MESSAGE_TYPE: An enumeration that designates the type of message that is used. It is contained in the MESSAGE_HEADER.

MESSAGE_HEADER: A structure that is present in each message and contains metadata about that message, such as message signature, message type, sequence number, header length, message length, and conversation ID.

NEGO_MESSAGE: A structure that is used to begin and exchange negotiation of security mechanisms. The NEGO_MESSAGE message is sent from the initiator to the acceptor with the message type set to MESSAGE_TYPE_INITIATOR_NEGO to begin the negotiation.<3> The initiator uses this message to specify the set of supported security mechanisms. The acceptor then responds with the NEGO_MESSAGE message with the message type set to MESSAGE_TYPE_ACCEPTOR_NEGO and with its own list of supported security mechanisms.<4>

EXCHANGE_MESSAGE: A structure that is used to exchange context tokens and metadata tokens by a request or challenge between the initiator and the acceptor. The MessageType field is set to MESSAGE_TYPE_AP_REQUEST for the initiator or MESSAGE_TYPE_CHALLENGE for the acceptor when context tokens are being exchanged. The MessageType field is set to MESSAGE_TYPE_INITIATOR_META_DATA for the initiator or MESSAGE_TYPE_ACCEPTOR_META_DATA for the acceptor when metadata tokens are being exchanged.

VERIFY_MESSAGE: A structure that uses the checksum mechanism to verify messages between the initiator and the acceptor. The message type MUST be set to MESSAGE_TYPE_VERIFY.

ALERT_MESSAGE: A structure that is used to indicate that a message needs to be resent. This message contains the security mechanism, error codes, and various alert types. This message might not always be sent.
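The following added example (not part of this specification or of any vendor implementation) shows how a defensive parser can validate the MESSAGE_HEADER fields listed above before trusting the lengths they carry. The field order and widths, the "NEGOEXTS" signature bytes, the numeric MESSAGE_TYPE values, and the packing of several messages back to back in one token are assumptions taken from a reading of [IETFDRAFT-NEGOEX-04], not from this section; the function names and sample values are constructed.

```python
import struct
import uuid

# Assumed from [IETFDRAFT-NEGOEX-04] (not stated in this section): little-endian
# ULONG64 Signature, then four ULONGs (MessageType, SequenceNum,
# cbHeaderLength, cbMessageLength), then a 16-byte GUID ConversationId.
HEADER = struct.Struct("<8sIIII16s")
SIGNATURE = b"NEGOEXTS"
# Assumed enumeration order, numbered from 0.
MESSAGE_TYPES = (
    "MESSAGE_TYPE_INITIATOR_NEGO", "MESSAGE_TYPE_ACCEPTOR_NEGO",
    "MESSAGE_TYPE_INITIATOR_META_DATA", "MESSAGE_TYPE_ACCEPTOR_META_DATA",
    "MESSAGE_TYPE_CHALLENGE", "MESSAGE_TYPE_AP_REQUEST",
    "MESSAGE_TYPE_VERIFY", "MESSAGE_TYPE_ALERT",
)

def parse_headers(token: bytes) -> list:
    """Walk the back-to-back messages in one token, validating every header."""
    headers, offset = [], 0
    while offset < len(token):
        remaining = len(token) - offset
        if remaining < HEADER.size:
            raise ValueError(f"offset {offset}: truncated header")
        sig, mtype, seq, hdr_len, msg_len, conv = HEADER.unpack_from(token, offset)
        if sig != SIGNATURE:
            raise ValueError(f"offset {offset}: bad signature {sig!r}")
        if mtype >= len(MESSAGE_TYPES):
            raise ValueError(f"offset {offset}: unknown message type {mtype}")
        # Lengths come from the peer: bound them before using them as offsets.
        if not HEADER.size <= hdr_len <= msg_len <= remaining:
            raise ValueError(f"offset {offset}: inconsistent lengths")
        conv_id = uuid.UUID(bytes_le=conv)
        # Policy of this example: one token carries one conversation.
        if headers and conv_id != headers[0]["conversation_id"]:
            raise ValueError(f"offset {offset}: conversation ID changed")
        headers.append({"type": MESSAGE_TYPES[mtype], "sequence": seq,
                        "header_len": hdr_len, "message_len": msg_len,
                        "conversation_id": conv_id})
        offset += msg_len
    return headers

def build_message(mtype: int, seq: int, conv: uuid.UUID, body: bytes = b"") -> bytes:
    """Constructed sample input: a bare header followed by opaque body bytes."""
    return HEADER.pack(SIGNATURE, mtype, seq, HEADER.size,
                       HEADER.size + len(body), conv.bytes_le) + body

if __name__ == "__main__":
    cid = uuid.UUID("00112233-4455-6677-8899-aabbccddeeff")  # constructed
    token = build_message(0, 0, cid, b"\x00" * 8) + build_message(6, 1, cid)
    for h in parse_headers(token):
        print(h["type"], h["sequence"], h["message_len"])
```

Because the header length must be at least the fixed header size and no larger than the message length, the loop always advances and cannot be stalled by a zero-length message.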