Valery Smyslov writes:
And this not the only contradiction between RFC5996 and RFC4945 -
the latter requires ID_IPV*_ADDR to match source IP address of IKE
packet by default, while the former explicitely allows not to do it
in any case.
RFC4945 requires that implementations MUST be
Rajeshwar Singh Jenwar (rsj) writes:
IKEv2 fragmentation is mostly used for large sized packets. There
are use-cases when our implementation needs to send huge sized
packet over IKEv2 control plane channel.
I have understood that the idea for IKEv2 fragmentation is to be used
for large packets
I just reread the introduction of RFC 4945 and I don't understand its
purpose. So I'm not sure it should be referenced from 5996bis.
It is definitely not a profile in the sense that Tero is alluding to.
Tero's own minimal IKEv2 is a profile for a specific use. RFC 4945
just attempts to fill