Hi, sorry for the delayed answer to the comment.
The MAY is there to keep the options free to move on with the exchange regardless of unverifyable or missing certificate in cases where the certs are optional. Or in case the certificates are not for setting up a connection but serve as a general mechanism to communicate roles or capabilities, in which enforcing an error message may not be what is wanted.
However, error signaling could be RECOMMENDED instead of MAY as it would still allow to omit error signaling.
-Samu & Tobias On 05/07/16 04:08, Kathleen Moriarty wrote:
Kathleen Moriarty has entered the following ballot position for draft-ietf-hip-rfc6253-bis-08: No Objection When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-hip-rfc6253-bis/ ---------------------------------------------------------------------- COMMENT: ---------------------------------------------------------------------- Why is MAY used int he error handling and not MUST or listing these actions as RECOMMENDED? Thanks for addressing the SecDir review: https://www.ietf.org/mail-archive/web/secdir/current/msg06366.html _______________________________________________ Hipsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/hipsec
_______________________________________________ Hipsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/hipsec
