On Mon, 18 Jan 2016, Valery Smyslov wrote:
That would allow an initiator to trigger the cookie generating mechanism on the responder on demand. I don't think that's a good idea.And what then? I think the cookie generating mechanism is a local matter and you have all means to make it secure.
Sure, but why give attackers a chance at all? Paul _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
