Tero Kivinen wrote:
> pasi.ero...@nokia.com writes:
> > Paul Hoffman wrote:
> >
> > > >B.1 (Group 1): We may want to add: "Use of this group is NOT
> > > RECOMMENDED."
> > >
> > > Please open a tracker issue for this. Even though this is obvious,
> > > it is a tad late to be suggesting new normativ
Yaron Sheffer writes:
> > Yaron Sheffer writes:
> > > 2.21.: EAP Failure cases are missing altogether. Also, the first
> > > paragraph says that if an auth failure occurs at the responder,
> > > AUTHENTICATION_FAILED is included in the protected response (to
> > > IKE_AUTH),
> >
> > Yes.
> >
> >
Hi Tero, please see below.
Thanks,
Yaron
> -Original Message-
> From: Tero Kivinen [mailto:kivi...@iki.fi]
> Sent: Monday, January 25, 2010 13:31
> To: Yaron Sheffer
> Cc: IPsecme WG
> Subject: [IPsec] IKEv2-bis comments: 2.17 and onwards
>
> Yaron Sheffer writes:
> > 2.21.: EAP
pasi.ero...@nokia.com writes:
> Paul Hoffman wrote:
>
> > >B.1 (Group 1): We may want to add: "Use of this group is NOT
> > RECOMMENDED."
> >
> > Please open a tracker issue for this. Even though this is obvious, it
> > is a tad late to be suggesting new normative language.
>
> This "NOT RECOMME
Paul Hoffman wrote:
> >B.1 (Group 1): We may want to add: "Use of this group is NOT
> RECOMMENDED."
>
> Please open a tracker issue for this. Even though this is obvious, it
> is a tad late to be suggesting new normative language.
This "NOT RECOMMENDED" would belong in an update to RFC 4307,
not
Thanks again for the careful review. All changes made other than those listed
below.
--Paul HOffman
At 11:06 PM +0200 1/24/10, Yaron Sheffer wrote:
>2.21.: EAP Failure cases are missing altogether. Also, the first paragraph
>says that if an auth failure occurs at the responder, AUTHENTICATION_F
