Hi Kalyani The spec is silent on how the responder chooses the algorithm from among the choices offered by the initiator. It can choose by giving priority to its own preferences, or by choosing the first proposal that is allowed by its policy. Since it does not affect interoperability, the RFC does not specify this.
Yoav On Oct 24, 2012, at 6:23 AM, Kalyani Garigipati (kagarigi) wrote: > > Hi , > > If the initiator proposes three algorithms say alg1, alg2. Alg3 for > encryption in SA1. > And responders choice is in the order as alg3,alg2,alg1, then finally in > SA_INIT response what should be sent as the algorithm. > > From the RFC I felt that it is the initiator choice that should be given > preference and so responder MUST send alg1 in response. > Or is it that responder MUST be given preference and it MUST send alg3 in > response ? > > I could not locate any paras in RFC which gives clear guidelines on this. > Please let me know if anything like this is already mentioned otherwise I > think it should be added in clarifications. > > Regards, > Kalyani _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec