Is the following text for the entire section 2.4 OK for you?
(I've borrowed some of your text):
Looks mostly ok.
2.4. Interaction with Peer Authorization Database (PAD)
Section 4.4.3 of [RFC4301] defines the Peer Authorization Database
(PAD), which provides the link between Security Po
Valery Smyslov writes:
> Is the following text for the entire section 2.4 OK for you?
> (I've borrowed some of your text):
Looks mostly ok.
> 2.4. Interaction with Peer Authorization Database (PAD)
>
> Section 4.4.3 of [RFC4301] defines the Peer Authorization Database
> (PAD), which prov
Thinking it over, you don’t really need AES at all, and in any case it
doesn’t matter.
The initiator doesn’t know the key and doesn’t know the algorithm, so it’s
entirely a local matter.
You are right, it's a local matter.
For example, the responder could pick HMAC-SHA256 with a fixed key, and