Hi, Jun, After reading your draft, I liked the idea behind this draft but at the same time have some questions.
1. Does Figure 2 defines a new Auth Method in the "IKEv2 Authentication Method"? Because it looks like using the RFC 9593 multi-octet mechanism, but not exactly the same. 2. From Section 4.2, I don't get the information about what messages are being signed. Maybe some pseudo-code will help. 3. Section 4.4 said that the composite certificate maybe used. I was wondering that it is actually necessary to use a composite certificate with a traditional/composite certificate together. Best Shuzhou
_______________________________________________ IPsec mailing list -- ipsec@ietf.org To unsubscribe send an email to ipsec-le...@ietf.org
