I agree with the proposed change. Best regards, Pasi
> -----Original Message----- > From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On Behalf > Of ext Paul Hoffman > Sent: 17 January, 2010 18:06 > To: IPsecme WG > Subject: [IPsec] Issue #134: SAi1 in cookies > > In section 2.6.1 it has text saying: > > For instance, if > the responder includes the SAi1 and KEi payloads in cookie calculation, > it will reject the request by sending a new cookie. > > which is misleading, as even if SAi1 is included in the cookie, that > should not cause cookie to be rejected, as the retry behavior for > INVALID_KE_PAYLOAD says that SAi1 is going to be same (section 2.7 > says: "The initiator MUST again propose its full set of acceptable > cryptographic suites ..."). IT would be better to remove "SAi1 and" > from the sentence and only talk about KEi: > > For instance, if > the responder includes the KEi payload in cookie calculation, it will > reject the request by sending a new cookie. > > --Paul Hoffman, Director > --VPN Consortium > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
