[Worm-can-opener hat] I'm ok with that.
Scott Moonen (smoo...@us.ibm.com) z/OS Communications Server TCP/IP Development http://www.linkedin.com/in/smoonen From: Paul Hoffman <paul.hoff...@vpnc.org> To: IPsecme WG <ipsec@ietf.org> Date: 01/10/2010 07:26 PM Subject: Re: [IPsec] Issue #128: Can implementations not reply fully to Deletes? At 10:55 AM -0800 12/15/09, Paul Hoffman wrote: >Section 1.4.1 says: Normally, the reply in the INFORMATIONAL exchange will contain delete payloads for the paired SAs going in the other direction. There is one exception. If by chance both ends of a set of SAs independently decide to close them, each may send a delete payload and the two requests may cross in the network. > >But, Section 4 (conformance requirements), says: Every implementation MUST be capable of responding to an INFORMATIONAL exchange, but a minimal implementation MAY respond to any INFORMATIONAL message with an empty INFORMATIONAL reply. > >What should we do? Changing the conformance requirement is pretty serious, but not telling the other side that you understand the Delete is also serious. >From the discussion so far, I am inclined to leave the text as-is. Tero is correct that a really minimal implementation might make the other side not understand that it is minimal, but it is still conformant. --Paul Hoffman, Director --VPN Consortium _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
