On 9/20/2015 9:06 AM, Scharf, Michael (Michael) wrote: ... > * Section 2, page 4: "Provide signaling through which applications > can better take advantage of TCP-level encryption (for instance by > improving authentication mechanisms in the presence of TCP-level > encryption)." Since authentication is listed here: How does this > option interact with TCP-AO? For instance, I think this document > could perhaps discuss what a receiver may do if a SYN segment both > with TCP-ENO and TCP-AO options is received. This is a question much > closer to the SYN handshake negotiation mechanics than various other > sections of the document.
FWIW, TCP-AO must precede TCP-ENO processing. If you have a TCP-AO key, it might be preferable to just encrypt using that key (as per draft-touch-tcp-ao-encrypt). ... > * Section 8: Why does TCP-ENO not allocate an TCP Experimental > Option Experiment Identifier according to RFC 6994? +1 Joe _______________________________________________ Tcpinc mailing list [email protected] https://www.ietf.org/mailman/listinfo/tcpinc
