Peers MAY negotiate both Cryptex and the header extension mechanism
defined in [RFC6904] via signaling, and if both mechanisms are
supported, either one can be used for any given packet. However, if
a packet is encrypted with Cryptex, it MUST NOT also use [RFC6904]
header extension encryption, and vice versa.
Why this complexity? Based on the Section 1, Cryptex is much more preferred.
Why allow "either one can be used for any given packet" instead of saying
if both are negotiated, Cryptex SHOULD be used? Or why not stronger, if
both peers support Cryptex, RFC6904 SHOULD NOT (MUST NOT?) be used?
Why this complexity? Based on the Section 1, Cryptex is much more preferred. Why allow "either one can be used for any given packet" instead of saying if both are negotiated, Cryptex SHOULD be used? Or why not stronger, if both peers support Cryptex, RFC6904 SHOULD NOT (MUST NOT?) be used?