3.3.6 mentions it quite explicitly, and I don't think need to say it again is 3.3.3:
"If the responder receives a proposal that contains a Transform Type it does not understand, or a proposal that is missing a mandatory Transform Type, it MUST consider this proposal unacceptable; however, other proposals in the same SA payload are processed as usual." Thanks, Yaron > -----Original Message----- > From: Paul Hoffman [mailto:paul.hoff...@vpnc.org] > Sent: Saturday, January 23, 2010 21:19 > To: Yaron Sheffer; ipsec@ietf.org > Subject: RE: [IPsec] Issue #157: Illustrate the SA payload with a > diagram > [snip] > > > > This begs the related question: given that there is no MUST or > should > >> for what goes into a Proposal, what does an ESP proposal that only > has > >> an ENCR and INTEG in it mean with respect to what is being proposed > for > >> ESN? What does an ESP proposal that has only an ENCR and ESN in it > mean > >> with respect to what is being proposed for INTEG? I see no MUSTs or > >> SHOULDs answering this. > >3.3.3 says ESN is mandatory. Which means if it is omitted, the > recipient will reject the proposal. > > As I said, I don't see any MUST or SHOULD for that. It would be better > if this was stated. A possible addition to 3.3.3 would be "A proposal > that does not contain all of the mandatory transforms is malformed and > MUST be rejected". > > --Paul Hoffman, Director > --VPN Consortium > > Scanned by Check Point Total Security Gateway. _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec