On Tue, 30 Apr 2019, Valery Smyslov wrote:
I would prefer no notify if the request was fulfilled and to only send a notify
if a request could not be fulfilled.
Since clients can ask for both that should cover things. If a client isn’t
asking for ipvX, I see no need to answer
that ipvX is supported too.
That would make sending these notifies dependent on the content of request.
Yes, like all CP payloads?
So, the tradeoff is whether saving eight bytes justifies complication of state
machine.
It's not about saving bytes for me, but about the logic and simplicity
on the wire. If a client isn't asking for v6, why tell them about our
v6 capabilities?
I see that quite different from "if you want compression, it is
available". The address family is a much more fundamental property
of an IPsec tunnel. It's not a bell or whistle.
Paul
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
