Hi, I am trying to interpret the following excerpt from the RFC-5996.
" The USE_TRANSPORT_MODE notification MAY be included in a request message that also includes an SA payload requesting a Child SA. It requests that the Child SA use transport mode rather than tunnel mode for the SA created. If the request is accepted, the response MUST also include a notification of type USE_TRANSPORT_MODE. If the responder declines the request, the Child SA will be established in tunnel mode. If this is unacceptable to the initiator, the initiator MUST delete the SA." Its the last two lines in this paragraph that are not clear to me. My doubt is regarding the following line, "If the responder declines the request, the Child SA will be established in tunnel mode". It uses "will be ", so not sure if that's a MUST or implementation's choice. If responder declines the request, is CHILD SA still established in tunnel mode? -- Regards, Hema
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
