Re: [IPsec] HTTP_CERT_LOOKUP_SUPPORTED question

2009-05-22 Thread Paul Hoffman
At 4:39 PM -0400 5/22/09, David Wierbowski wrote:
>Did I say either of the quotes you sent make it sound like one could not send
>hash-and-URL if HTTP_CERT_LOOKUP_SUPPORTED was not received?
Sorry, I took it as implied.
>I said I'm confused by Tero's previous answer which makes it sound as if su

Re: [IPsec] HTTP_CERT_LOOKUP_SUPPORTED question

2009-05-22 Thread David Wierbowski
Did I say either of the quotes you sent make it sound like one could not send hash-and-URL if HTTP_CERT_LOOKUP_SUPPORTED was not received? I said I'm confused by Tero's previous answer which makes it sound as if such a restriction is implied. I guess the value in the HTTP_CERT_LOOKUP_SUPPORTED n

Re: [IPsec] HTTP_CERT_LOOKUP_SUPPORTED question

2009-05-22 Thread Paul Hoffman
At 12:08 PM -0400 5/22/09, David Wierbowski wrote:
>Paul,
>
>Thanks, but now I'm confused by an answer Tero provided to a slightly
>different question back in July of 2007 (subject [Ipsec] Comments on
>draft-hoffman-ikev2bis-01.txt). From Tero's answer I had expected to see
>something that would

Re: [IPsec] HTTP_CERT_LOOKUP_SUPPORTED question

2009-05-22 Thread David Wierbowski
Paul, Thanks, but now I'm confused by an answer Tero provided to a slightly different question back in July of 2007 (subject [Ipsec] Comments on draft-hoffman-ikev2bis-01.txt). From Tero's answer I had expected to see something that would disallow using those encoding types if you did not receiv

Re: [IPsec] HTTP_CERT_LOOKUP_SUPPORTED question

2009-05-22 Thread Paul Hoffman
At 11:52 AM -0400 5/22/09, David Wierbowski wrote:
>Why?
Because there is nothing in the document to indicate that it is invalid. HTTP_CERT_LOOKUP_SUPPORTED is only mentioned twice in RFC 4306:
Certificate payloads SHOULD be included in an exchange if certificates are available to the send

Re: [IPsec] HTTP_CERT_LOOKUP_SUPPORTED question

2009-05-22 Thread David Wierbowski

Re: [IPsec] HTTP_CERT_LOOKUP_SUPPORTED question

2009-05-22 Thread Paul Hoffman
At 9:30 AM -0400 5/22/09, David Wierbowski wrote:
>If I do not send an HTTP_CERT_LOOKUP_SUPPORTED notify is it valid for my peer
>to send me a certificate payload with a hash and URL encoding (i.e. 12 or 13)?
>I do not see any language in RFC 4306 or 4945 that states the peer MUST NOT
>send a ce