At 12:08 PM -0400 5/22/09, David Wierbowski wrote: >Paul, > >Thanks, but now I'm confused by an answer Tero provided to a slightly >different question back in July of 2007 (subject [Ipsec] Comments on >draft-hoffman-ikev2bis-01.txt). From Tero's answer I had expected to see >something that would disallow using those encoding types if you did not >receive the HTTP_CERT_LOOKUP_SUPPORTED. See below.
I cannot speak for Tero. I can only say what is in the RFC and the current draft. Did either of the quotes I sent make it sound like one could not sent hash-and-URL if HTTP_CERT_LOOKUP_SUPPORTED was not received? At 5:05 PM +0300 7/19/07, Tero Kivinen wrote: >HTTP_CERT_LOOKUP_SUPPORTED is not extraneous, as it tells whether the >other end is CONFIGURED to allow HTTP lookups for the certificates. While that is true, a peer is not required to send it if that peer is configured to allow HTTP lookups. --Paul Hoffman, Director --VPN Consortium _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
