<co-chair hat on> Greetings again. Of the people who replied, two favored mandating two round trips, and one favored keeping the current one round trip. That (anemic) result, plus the comment that lead to this thread, leads me to say that we need to change draft-ietf-ipsecme-ikev2-resumption to require two round trips.
Draft authors: please prepare a -03 with only the two-round-trip solution, and pull out the text about the one-round-trip option. If someone really objects to this, please prepare a personal Internet Draft that lists exactly how you would change the current -03 draft to cover all the security issues that were brought forward. --Paul Hoffman, Director --VPN Consortium _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
