Description
Address Daniel's comments:
- I kept the bools indicating the presence of optional key handles for 2 reasons: 1) it was consistent with HKDF usage, and 2) in at least one case it affected the actual protocol of the hash. (Rekey rather than non-rekey).
- added more specificity about the expected error codes in forbidden conditions.
- added more specificity around key types accepted or returned.
In addition, the IKE people noted a missing functionality: The derive mechanism needed to make QUICK mode work doesn't exist. I've extended derive APP_B to handle QUICK mode and changed the mechanism name.
I've also allocated the mechanism numbers and added them to the spec.
bob
