Question about IKEv2 authentication

Hi

Hope this is the right group to ask or else please tell me where to ask.

I have a question about the AUTH part of the encrypted request the initiator
sends. The RFC document (4306) states that :
....the initiator signs the first message, starting with the first octet of
the first SPI in the header and ending with the last octet of the last
payload. Appended to this (for purposes of computing the signature) are the
responder's nonce Nr, and the value prf(SK_pi,IDi'). In the above
calculation, IDi' and IDr' are the entire ID payloads excluding the fixed
header....

How does the responder check that this signature is correct?

---

Brian