It is not clear why out of sequence detection is enabled because we don't use the security context to wrap any messages, but for authentication only.
See here:
In the common case where a context initiator is transmitting several sequential data packets to the acceptor,
some mechanisms allow the context acceptor to check whether or not the packets are arriving as they should:
in the right order, and with no unwanted duplication of packets (shown in Figure 1–9). The acceptor checks for
these two conditions when it verifies a packet's validity or when it unwraps a packet; see Unwrapping and
Verification for more information.
We don't use unwrap and MIC here, this option can be dropped.
michael-o
commented
2 years ago
It is not clear why out of sequence detection is enabled because we don't use the security context to wrap any messages, but for authentication only. See here:
We don't use unwrap and MIC here, this option can be dropped.
Can provide a PR for that.