Yaron Sheffer writes:
Hi Tero,
Sec. 3.3.2 mentions that you negotiate a D-H group for ESP/AH, even though
you only need encryption and integrity transforms for these protocols. I
find it confusing, certainly for newcomers. For clarity, I suggest to add
after the table in Sec. 3.3.3, this
Yaron Sheffer writes:
Yaron:
3.3.2: there is no explanation here or elsewhere that the D-H transform for
ESP and AH is used for PFS.
Paul (off list):
Not done. I don't think it belongs in 3.3.2, and I also don't agree that the
transform is the D-H transform for ESP and AH is used for
Yaron:
3.3.2: there is no explanation here or elsewhere that the D-H transform for
ESP and AH is used for PFS.
Paul (off list):
Not done. I don't think it belongs in 3.3.2, and I also don't agree that the
transform is the D-H transform for ESP and AH is used for PFS; that's an
