> > [I snipped some text to make message more readable] > Same here :-)
> > The important thing I'd like to mention: > > I think, if we can avoid an issue by design - by excluding an option > > we don't necessarily need - we should do that and not the other way > around. > > I don't see it's an issue. More precisely, I can see it as a generic issue, > not > particularly concerned with empty INTERMEDIATE messages. > I see your point and I think making explicitly sure that support/negotitation of IKE_INTERMEDIATE without an application addresses the comment anyway! > > The current wording says: The implementation MAY support > > IKE_INTERMEDIATE but MUST NOT use it without an application. > > My preferred approach would be: The implementation MUST NOT support > > IKE_INTERMEDIATE without an application. > > OK, how about: > > The implementation MUST NOT negotiate support for INTERMEDIATE > without an application. > That sounds good for me. The question remains if it is than necessary to negotiate INTERMEDIATE explicitly, but that this is something I really don't care too much! :-) > > My thinking is, you'd like to negotiate an application (e.g. PQKE) > > which needs IKE_INTERMEDIATE, so it's all about the application anyway. > > So if the application needs IKE_INTERMEDIATE, it wouldn't work if > > IKE_INTERMEDIATE is not supported anyways. > > It depends. I can imagine extensions that can run w/o INTERMEDIATE, but > can benefit if it is supported... > Good point! > > > > I don't say this is the only way to go, but I feel it's cleaner > > > > than just saying it could be anything. I'd actually prefer what I > > > > mentioned above, not allowing IKE_INTERMEDIATE to be implemented > > > > without > > > another document defining the actual payload. > > > > > > Exactly, except that I'd s/implemented/used. You can implement a > > > pure framework (just for the future), but you cannot use it without > > > implementing another document utilizing it. > > > > Maybe we could replace "used" with "supported"? > > is "negotiated" or "advertised support for" OK here? I think I like negotiated! > > Regards, > Valery. > > > Regards > > Tobias
pgpGlJmyxPyX7.pgp
Description: PGP signature
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
