Section 2.9 has text which says:

----------------------------------------------------------------------
2.9. Traffic Selector Negotiation
...
   Since the two endpoints may be configured by different people, the
   incompatibility may persist for an extended period even in the
   absence of errors. It also allows for intentionally different
   configurations, as when one end is configured to tunnel all
   addresses and depends on the other end to have the up-to-date list.
...
...
   This case will occur only when the initiator and responder are
   configured differently from one another. If the initiator and
   responder agree on the granularity of tunnels, the initiator will
   never request a tunnel wider than the responder will accept. Such
   misconfigurations should be recorded in error logs.
----------------------------------------------------------------------

So the first part says that traffic selectors may be different in the
initiator's and responder's policy and that such a configuration may be
intentional. Then the second part calls such configurations
misconfigurations and requires such events to be logged.

This is a bit inconsistent, and I think the second part should be
modified so that the last sentence is removed, or rephrased.
--
kivi...@iki.fi
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
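Added example, not part of the original message or of the quoted draft: a responder-side sketch of the narrowing case the quoted text describes, where the initiator proposes a range wider than the responder's policy accepts. It is simplified to IPv4 address ranges only (no protocol or port ranges) and picks the first overlapping policy entry; the names `TS`, `ts`, `narrow` and `POLICY` and all addresses are constructed for illustration.

```python
import ipaddress
from typing import List, NamedTuple, Optional, Tuple


class TS(NamedTuple):
    """Simplified traffic selector: one inclusive IPv4 address range."""
    start: ipaddress.IPv4Address
    end: ipaddress.IPv4Address


def ts(start: str, end: str) -> TS:
    return TS(ipaddress.IPv4Address(start), ipaddress.IPv4Address(end))


def narrow(proposed: TS, policy: List[TS]) -> Tuple[str, Optional[TS]]:
    """Responder's answer to one proposed range.

    Returns (outcome, selected range) where outcome is:
      "exact"        - the proposal already fits the policy unchanged
      "narrowed"     - the proposal was wider; a subset is returned
      "unacceptable" - no overlap with any policy entry
    """
    for allowed in policy:
        lo = max(proposed.start, allowed.start)
        hi = min(proposed.end, allowed.end)
        if lo > hi:
            continue  # no overlap with this policy entry
        chosen = TS(lo, hi)
        return ("exact" if chosen == proposed else "narrowed", chosen)
    return ("unacceptable", None)


# Constructed responder policy: the "up-to-date list" of protected ranges.
POLICY = [ts("10.1.0.0", "10.1.255.255")]

if __name__ == "__main__":
    proposals = {
        "tunnel all addresses": ts("0.0.0.0", "255.255.255.255"),
        "same granularity": ts("10.1.2.0", "10.1.2.255"),
        "outside policy": ts("192.0.2.0", "192.0.2.255"),
    }
    for label, proposed in proposals.items():
        outcome, chosen = narrow(proposed, POLICY)
        print(f"{label}: {outcome} -> {chosen}")
```

The "tunnel all addresses" proposal is the intentional configuration from the first quoted paragraph, and it produces the same "narrowed" outcome that the second quoted paragraph would record as a misconfiguration.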