I also think that PMTU discovery isn't very useful for IKE.
That's why it is MAY.
That does not help implementors who still have to implement the MAY's.
if even you as a document author does not think it is veru usefil,
then I think it should just not be in the document.
Sorry, I wasn't very
Hi Paul,
o Check message validity - in particular, check whether values of
Fragment Number and Total Fragments in Encrypted Fragment Payload
are valid. If not - message MUST be silently discarded.
should be changed to say:
o Check message validity - in particular, check
Sorry, I wasn't very clear. By isn't very useful I meant that it is
not useful
for the usual PMTU discovery goal in TCP - to find _maximum_ IP datagram
size that is not fragmented by IP level. In IKE its the goal is
different -
to find _some_reasonable_ IP datagram size that is not fragmented