Scott C Moonen writes: > Tero, > > > > 2) Disallow floating on IKE_SA_INIT unless . . . > > Why do you want to disallow that? . . . > > > > > 3) Disallow this elective use of UDP-encap unless . . . > > Again why do that? > > I guess I'm thinking more about what is advisable (without out-of-band > knowledge or inference) than what is permissible, so that may be out of > scope. And I should have said "recommend against" rather than "disallow".
Ok, that makes much more sense. On the other hand the current text tries to make the recipient part so that we do not need to change that, even if someone later proposes modifications that use out-of-band or similar knowledge and defines how those are used. So it is ok to add text saying that you should not use those features as a initiator, but you still must to be able to receive them as a responder. -- kivi...@iki.fi _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
