Paul Wouters writes: > On Wed, 6 Nov 2019, Valery Smyslov wrote: > > > Do you think the current diagrams are confusing? > > Yes. Because often I go back to RFCs and only look at the diagrams > expecting it to be what I need to implement. So for optional/required > payloads, I would mostly look at the diagram, and perhaps read a bit > of text.
That is the reason we added Appendix C in the IKEv2. So my proposal is to leave the exchanges inside the text as they are, but add new Appendix that has the different exchanges including the optional payloads. > >> That is, the diagrams should represent the state machine, not an > >> example of the state machine. > > > > Hmmmm... It's an open question :-) Aa a counter-example, > > the EAP and non-EAP case of IKEv2 are not shown > > on the same diagrams - these are different diagrams, > > however the state machine for IKE_AUTH is the same. > > Sure. In RFC7296 Appendix C we do have C.2 IKE_AUTH Exchange without EAP, and C.3 IKE_AUTH Exchange with EAP. And I would say that the state machine for IKE_AUTH for them are different, the state machine for IKE_SA_INIT is same for both and is not included in C.2, or C.3, both of them use the IKE_SA_INIT from C.1 -- [email protected] _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
