"hal" == hal <hal(_at_)finney(_dot_)org> writes:
hal> The "preloading" means to hash the preloaded data. In other
hal> words, the preloaded data is a prefix to the rest of the data to
hal> be hashed. It is not inserted directly into the state
hal> variables.
hal> Without preloading, you would do hash(data). Preloading one
hal> byte of zero you would do hash(0,data). Preloading two bytes of
hal> data you would do hash(0,0,data), and so on, where the commas
hal> represent concatenation.
The use of terms like "preloading" and "multiple instances of the hash
context" makes it sound like a description of an implementation, which
of course isn't what you want in a protocol spec. I wonder if it
would help to phrase it in the other way you just used: hash (data)
concatenated with hash (0 data) concatenated with ...
The key extension description in the IKE spec is done in this way, if
memory serves.
paul