Christian Hopps writes:
> I also need to point out that we are only talking about the case
> where the implementation doesn’t use a timer to timeout missing
> packets. We specifically added text highlighting that
> implementations are free to timeout missing packets much earlier if
> they so choose. Perhaps we should also highlight this again??
I do not really see how this timer text helps, or at all related to
this discussion:
Implementations that are
concerned about memory use when packets are delayed (e.g., when an SA
deletion is delayed), or non-IP-TFS uses of AGGFRAG mode, can of
course use timers to drop packets as well.
It seems to cover cases where SA is deleted or non-IP-TFS uses of
AGGFRAG mode, which are not a concern here.
Or non-IP-TFS uses of AGGFRAG mode might be relevant here, but I think
the issues are also for IP-TFS uses of AGGFRAG.
--
kivi...@iki.fi
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
