[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Encrypting Notify Messages



RFC 2407 in section 4.6.3 dicusses and recommends (or requires? it is
not clear...) protection of notify messages
But some notify messages enumerated in RFC 2408 cannot be protected
while the middle of negotiating Main Mode. (Aggressive Mode is even
bigger issue). I couldn't find any statements allowing some notify
messages to be unprotected.

For example:
INVALID-COOKIE
NO-PROPOSAL-CHOSEN
INVALID-CERT-ENCODING
INVALID-CERTIFICATE
CERT-TYPE-UNSUPPORTED
and many others....

Could someone clarify this?