Paul Hoffman wrote:
IOW it's up to the initiator whether or not to do PFS, and both
configurations are OK to use the suite name.
That was my intention in RFC 4308; I cannot speak for the
authors of RFC 4869.
You can't speak for them, but Scott has to figure it out.
As for lifetimes,
Communications Server TCP/IP Development
http://scott.andstuff.org/
http://www.linkedin.com/in/smoonen
From:
Yoav Nir y...@checkpoint.com
To:
Scott C Moonen/Raleigh/i...@ibmus, ipsec@ietf.org ipsec@ietf.org
Date:
05/13/2009 04:53 PM
Subject:
RE: [IPsec] RFC 4869 questions
Scott C Moonen wrote
