On Mon, 23 May 2016, Valery Smyslov wrote:
thank you for clarifications. One more point. The draft is silent about what the responder is supposed to do with the stream prefix. Should it check it? In this case what should it do if the prefix is different from "IKEv2"? Discard the TCP session? Or should it ignore the prefix completely? In this case how many bytes should it skip from the beginning of the stream - exactly 5?
That might not work well if we get IKEv2.1 Actually, I'd argue it should be a unique identifier but not contain a verion number of the IKE protocol at all. Paul _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
