> MUST either offer no integrity algorithm or a single integrity algorithm of "none", with no integrity algorithm being the preferred method
Sounds good, thanks, Scott Moonen (smoo...@us.ibm.com) z/OS Communications Server TCP/IP Development http://www.linkedin.com/in/smoonen From: Paul Hoffman <paul.hoff...@vpnc.org> To: Scott C Moonen/Raleigh/i...@ibmus Cc: IPsecme WG <ipsec@ietf.org>, ipsec-boun...@ietf.org, Tero Kivinen <kivi...@iki.fi> Date: 11/25/2009 12:29 PM Subject: Re: [IPsec] #122: Integrity proposals with combined algorithms At 11:34 AM -0500 11/25/09, Scott C Moonen wrote: > > MUST either offer no integrity algorithm or a single integrity algorithm of "none" >> >> Does anyone have a problem with this new wording? > >I suggest we specify that one or the other as the preferred approach. Maybe add an additional sentence saying SHOULD for no transform and MAY for transform=none? I hate honing down that far: it confuses future developers. How about: MUST either offer no integrity algorithm or a single integrity algorithm of "none", with no integrity algorithm being the preferred method --Paul Hoffman, Director --VPN Consortium
_______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec