RFC Errata
RFC 4306, "Internet Key Exchange (IKEv2) Protocol", December 2005
Note: This RFC has been obsoleted by RFC 5996
Source of RFC: ipsec (sec)
Errata ID: 2191
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Constantin Hagemeier
Date Reported: 2010-04-28
Held for Document Update by: Sean Turner
Section 3.2. says:
whose type code appears in the first octet. The reasoning behind not setting the critical bit for payloads defined in this document is that all implementations MUST understand all payload types defined in this document and therefore must ignore the Critical bit's value. Skipped payloads are expected to have valid Next
It should say:
?
Notes:
Difficult to understand. More explanation needed:
An implementation of IKE which is older than 2.0 does not know about the
critical bit and will skip an unknown payload. This behaviour fits to
cleared critical bit.