Hi Valery,

Thanks, that works for me. The added reference to the peer verifying
authentication data created using the non-compromised key makes the
assumption clearer than my original wording.

I would only suggest one small editorial cleanup if you touch the paragraph
again:

Thus, there is no separate downgrade-detection procedure. Instead, the
additional initial-exchange data (the IKE_SA_INIT message received by a
peer) is included in the input to the IKEv2 authentication calculation.

Otherwise the direction looks good to me.

Best,
Songbo Bu
_______________________________________________
IPsec mailing list -- [email protected]
To unsubscribe send an email to [email protected]
