Russ's third point is:
I believe that the 1st paragraph of section 8.4 needs further explanation.
A security association is identified by a triple consisting of a Security
Parameter Index (SPI), an IP Destination Address, and a security protocol
identifier (either AH or ESP). So, manual key management involves a
bit more than inserting the same cryptographic key in communicating peers.
This document should not specify how that is done, but it should indicate
that it needs to be done.
Suggested text to add:
An implementation MUST support the manual configuration of the
security key and SPI. The SPI configuration is needed in order
to delineate between multiple keys.
John
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[EMAIL PROTECTED]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
