Hi Antony,

> Currently, the draft aims to maintain consistency with USE_TRANSPORT,
> USE_AGGFRAG (RFC 9347), and USE_WESP_MODE (RFC 5840), as they
> follow a similar request response structure. That is why I chose this
> approach—though I acknowledge there may be room for refinement.
>
> The initiator is committing to default Tunnel Mode, but it has the
> flexibility to immediately delete the default tunnel if Tunnel mode is
> unacceptable.
>
> It would be interesting to explore whether other USE_* mechanisms exist
> in various RFCs. To understand how it works when several of these are
> chained together.

I think the key underlying assumption is that the initiator will create the
Child SA in normal tunnel mode rather than not creating the Child SA.
I acknowledge that this is a common practice. But I suggest explicitly saying
this in the document unless new problems will be introduced by such a statement.

Regards & Thanks!
Wei PAN (潘伟)
_______________________________________________
IPsec mailing list -- [email protected]