Hi Tobias, thank you for catching this up. It's a leftover from previous version that somehow escaped our attention. We'll fix it in the next version of the draft.
Thank you for careful reading, Valery (for the authors). > Hi Valery, > > i think i just found a minor flaw reading through the new version. > The current draft (draft-tjhai-ipsecme-hybrid-qske-ikev2-03) says in > section 3.1: > > > In order to achieve this, the > > IKE_SA_INIT exchange now includes notify payloads that negotiate the > > extra key exchanges to be used. The initiator IKE_SA_INIT message > > includes a notify that lists the extra key exchange policy required > > by the initiator; the responder selects one of the listed policies, > > and includes that as a notify in the response IKE_SA_INIT message. > > I believe this is obsolete and was overlooked in the last change since the > negotiation of additional KEs is now done in the SA payload. > > Regards, > Tobias _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
