On Thu, 17 Oct 2013, Tero Kivinen wrote:

[forgive me if already reported]

Section 3.1 states:

   o  Major Version (4 bits) - Indicates the major version of the IKE
      protocol in use.  Implementations based on this version of IKE
      MUST set the major version to 2.  Implementations based on
      previous versions of IKE and ISAKMP MUST set the major version to
-->   1.  Implementations based on this version of IKE MUST reject or
      ignore messages containing a version number greater than 2 with an
      INVALID_MAJOR_VERSION notification message as described in Section
      2.5.

The reading of "this version" on the line marked "-->" is a little
unclear. Does it refer to the previous sentence's version (version 1)
or this version as in "this document's" version (version 2)? I suggest
replacing "this version" with "this document's version".

   o  Minor Version (4 bits) - Indicates the minor version of the IKE
      protocol in use.  Implementations based on this version of IKE
      MUST set the minor version to 0.  They MUST ignore the minor
      version number of received messages.

For the Major we tell what IKEv1 implementations should do. Why don't we
do that for the Minor as well? Suggested addition:

        Implementations based on the previous major version of IKE and
        ISAKMP MUST set the minor version to 0 and reject or ignore
        messages containing a minor version number greater than 0 with
        an INVALID_MINOR_VERSION notification message.

Paul
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
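
Added example, not part of the original message or of any IKE implementation: a sketch of how an IKEv2 receiver could apply the quoted Section 3.1 rules to the one-byte Version field (major in the high 4 bits, minor in the low 4 bits). The function names, the returned action strings, the sample headers and the choice to drop messages with a major version below 2 are assumptions of this sketch.

```python
import struct

# IKE header: two 8-byte SPIs, Next Payload, Version (major in the high
# nibble, minor in the low nibble), Exchange Type, Flags, Message ID, Length.
IKE_HDR = struct.Struct("!8s8sBBBBII")
INVALID_MAJOR_VERSION = 5  # IKEv2 Notify error type value
OUR_MAJOR = 2


def split_version(version_byte):
    """Return (major, minor) from the one-byte Version field."""
    return version_byte >> 4, version_byte & 0x0F


def check_ikev2_version(datagram):
    """Apply the quoted Section 3.1 receiver rules for an IKEv2 implementation.

    Returns (action, detail) where action is "process", "notify" or "drop"
    (hypothetical labels used only in this sketch).
    """
    if len(datagram) < IKE_HDR.size:
        return "drop", "short header"
    fields = IKE_HDR.unpack_from(datagram)
    major, minor = split_version(fields[3])
    if major > OUR_MAJOR:
        # "reject or ignore": this sketch chooses to reject with a notification.
        return "notify", INVALID_MAJOR_VERSION
    if major < OUR_MAJOR:
        # Assumption of this sketch: not IKEv2, so this code does not handle it.
        return "drop", "major version %d" % major
    # Major matches: the minor version of a received message is ignored,
    # so a nonzero minor is still processed.
    return "process", (major, minor)


def build_header(major, minor, exchange_type=34, flags=0x08):
    """Constructed sample header: IKE_SA_INIT request, no payloads."""
    version = (major << 4) | (minor & 0x0F)
    return IKE_HDR.pack(b"\x11" * 8, b"\x00" * 8, 0, version,
                        exchange_type, flags, 0, IKE_HDR.size)


if __name__ == "__main__":
    # Constructed inputs covering each branch of the version check.
    for maj, mnr in [(2, 0), (2, 3), (3, 0), (1, 0)]:
        print((maj, mnr), check_ikev2_version(build_header(maj, mnr)))
```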
