Issues.. Why not use the option in RFC 4285? Why do we need HKE and AT in FBU/FBack? Why SPI = 0 needed? Resolution: Remove HKE field? If SPI is set to zero, the HKE is SEND-based If a new HKE is to be defined, relies on reserving an SPI value. Good idea? Remove AT field? Yes, AT is set by the key derivation mechanism (AAA, SEND) |