On Mon, 18 Jan 2016, Valery Smyslov wrote:
> I think that responder must verify the cookie if it is present, regardless of whether it is expected to be present or not. And it must request another cookie if the verification failed.
That would allow an initiator to trigger the cookie generating mechanism on the responder on demand. I don't think that's a good idea. I do agree the cookie, if received, must validate against the "current" or "last secret before we disabled cookies". If not, I think that's a good reason to not even answer the request - it's clearly malicious. I don't think it should request a new cookie.

Paul

_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
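The responder-side logic the two positions disagree about, as an added example written for this page (it is not code from the thread, nor from any IKE implementation). The cookie layout follows the one RFC 7296 section 2.6 suggests, Cookie = <VersionIDofSecret> | Hash(Ni | IPi | SPIi | <secret>); the two-byte version field, HMAC-SHA256 as the hash, keeping exactly one previous secret after rotation, and the `drop` / `rechallenge` policy names are this example's own assumptions. Under `drop` the responder behaves as Paul describes (a bad cookie gets no answer); under `rechallenge` it behaves as Valery proposed (a bad cookie gets a fresh N(COOKIE)). In both cases a cookie that is present is validated even when the responder is not currently demanding one, which both sides agree on.

```python
"""IKEv2 responder cookie handling (illustrative, not from the thread).

Cookie = <2-byte version> | HMAC-SHA256(secret_version, Ni | IPi | SPIi)
Total length 34 bytes, within the 64-byte limit RFC 7296 places on cookies.
"""
import hashlib
import hmac
import os
from enum import Enum
from typing import Optional


class Action(Enum):
    PROCEED = "proceed"          # continue normal IKE_SA_INIT processing
    SEND_COOKIE = "send_cookie"  # answer with N(COOKIE); initiator must retry
    DROP = "drop"                # say nothing; the request is treated as malicious


COOKIE_VERSION_LEN = 2
COOKIE_MAC_LEN = hashlib.sha256().digest_size  # 32 bytes


class Responder:
    def __init__(self, cookies_enabled: bool = True, invalid_cookie_policy: str = "drop"):
        # Policy names are assumptions for this example: "drop" = Paul's position,
        # "rechallenge" = Valery's position.
        if invalid_cookie_policy not in ("drop", "rechallenge"):
            raise ValueError("policy must be 'drop' or 'rechallenge'")
        self.cookies_enabled = cookies_enabled
        self.invalid_cookie_policy = invalid_cookie_policy
        # version -> secret. Only the current and the immediately preceding
        # secret are kept, so a cookie survives exactly one rotation.
        self._version = 1
        self._secrets = {self._version: os.urandom(32)}

    def rotate_secret(self) -> None:
        """Install a fresh secret, keeping the previous one for in-flight cookies."""
        old_version = self._version
        self._version += 1
        self._secrets = {old_version: self._secrets[old_version],
                         self._version: os.urandom(32)}

    def disable_cookies(self) -> None:
        """Stop demanding cookies. Secrets are retained on purpose: a cookie we
        handed out just before disabling ("last secret before we disabled
        cookies") must still validate when the initiator retries with it."""
        self.cookies_enabled = False

    def _mac(self, version: int, ni: bytes, ipi: bytes, spii: bytes) -> bytes:
        return hmac.new(self._secrets[version], ni + ipi + spii, hashlib.sha256).digest()

    def make_cookie(self, ni: bytes, ipi: bytes, spii: bytes) -> bytes:
        """Cookie carried in N(COOKIE), bound to this initiator's Ni, address and SPIi."""
        v = self._version
        return v.to_bytes(COOKIE_VERSION_LEN, "big") + self._mac(v, ni, ipi, spii)

    def cookie_is_valid(self, cookie: bytes, ni: bytes, ipi: bytes, spii: bytes) -> bool:
        if len(cookie) != COOKIE_VERSION_LEN + COOKIE_MAC_LEN:
            return False
        version = int.from_bytes(cookie[:COOKIE_VERSION_LEN], "big")
        if version not in self._secrets:
            return False  # rotated out, or never issued by us
        expected = self._mac(version, ni, ipi, spii)
        # Constant-time comparison: a timing leak here would let an attacker
        # forge cookies byte by byte.
        return hmac.compare_digest(cookie[COOKIE_VERSION_LEN:], expected)

    def handle_init(self, ni: bytes, ipi: bytes, spii: bytes,
                    cookie: Optional[bytes] = None) -> Action:
        """Decide what to do with an incoming IKE_SA_INIT request."""
        if cookie is not None:
            # Validate whenever a cookie is present, whether or not we are
            # currently demanding cookies.
            if self.cookie_is_valid(cookie, ni, ipi, spii):
                return Action.PROCEED
            if self.invalid_cookie_policy == "drop":
                return Action.DROP
            return Action.SEND_COOKIE
        # No cookie: challenge only while under load (cookies enabled).
        return Action.SEND_COOKIE if self.cookies_enabled else Action.PROCEED


if __name__ == "__main__":
    # Constructed sample values, not a captured exchange.
    ni, ipi, spii = b"\x11" * 32, b"\xc0\xa8\x01\x02", b"\x01" * 8
    r = Responder()
    print(r.handle_init(ni, ipi, spii))                              # SEND_COOKIE
    c = r.make_cookie(ni, ipi, spii)
    print(r.handle_init(ni, ipi, spii, cookie=c))                    # PROCEED
    print(r.handle_init(ni, ipi, spii, cookie=bytes(len(c))))        # DROP
```

The practical difference shows up when the responder rotates its secret twice or an initiator replays someone else's cookie: with `drop`, the responder sends nothing and the initiator's only way forward is to retransmit its original cookie-less IKE_SA_INIT after a timeout, which is exactly what denies an attacker an on-demand cookie generator; with `rechallenge`, every garbage cookie costs the responder a MAC computation plus a reply packet, so the cookie mechanism itself becomes a request amplifier the initiator can drive at will.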
