On Thu, 17 Oct 2013, Tero Kivinen wrote: [forgive me if already reported]
Section 3.1 states: o Major Version (4 bits) - Indicates the major version of the IKE protocol in use. Implementations based on this version of IKE MUST set the major version to 2. Implementations based on previous versions of IKE and ISAKMP MUST set the major version to --> 1. Implementations based on this version of IKE MUST reject or ignore messages containing a version number greater than 2 with an INVALID_MAJOR_VERSION notification message as described in Section 2.5. The reading of "this version" on the line marked "-->" is a little unclear. Does it refer to the previous sentence's version (version 1) or this version as in "this document's" version (version 2). I suggest replacing "this version" with "this document's version" o Minor Version (4 bits) - Indicates the minor version of the IKE protocol in use. Implementations based on this version of IKE MUST set the minor version to 0. They MUST ignore the minor version number of received messages. For the Major we tell what IKEv1 implementations should do. Why don't we do that for the Minor as well? Suggested addition: Implementations based on the previous major version of IKE and ISAKMP MUST set the minor version to 0 and reject or ignore messages containing a minor version number greater than 0 with an INVALID_MINOR_VERSION notification message. Paul _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec