Some questions about the draft-ietf-ipsec-ike-00.txt
> 6.4.2 Acknowledged Informational
> ...
> The acknowledged Informational exchange is defined as:
>
>   Initiator                        Responder
>  -----------                      -----------
>   HDR*, HASH(1), Ni, N/D   -->
>                            <--    HDR*, HASH(2), Nr, N/D

I assume this is defined so that even if the responder does not
understand the contents of the payloads, it MUST send the reply back?

I.e., if I send the other end a notification payload having an unknown
notification number, the other end MUST send the second packet back,
and it MUST NOT send any kind of error (no error notifications for
notifications).

Is this interpretation correct?

If so, I would like to see something like this describing that in the
document:
----------------------------------------------------------------------
The responder MUST always send back the reply packet defined above,
even if there is an error while processing the packet sent by the
initiator. This means that the initiator will always get the reply
back from the responder, and that reply simply means that the
responder received the packet. The reply does not mean that the
responder understood and/or acted based on the packet it received.
--
kivinen@iki.fi Work : +358-9-4354 3218
SSH Communications Security http://www.ssh.fi/
SSH IPSEC Toolkit http://www.ssh.fi/ipsec/