Confusing guidance about handling non-integrity-protected encrypted data packets
Derek Atkins, Robert Hansen, and @nwalfield all raised concerns that the guidance text about how to deal with non-integrity-protected encrypted data packets in crypto-refresh-02 was confusing and potentially contradictory:
This packet is obsolete. An implementation MUST NOT create this packet. An implementation MAY process such a packet but it MUST return a clear diagnostic that a non-integrity protected packet has been processed. The implementation SHOULD also return an error in this case and stop processing.
Maybe we need explicit guidance for how a tool connected to a user should behave, and distinct guidance for how a toolkit (something farther away from the user in the stack) should behave.
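One possible reading of the quoted guidance, as an added example that is not part of the original issue or of the draft: the diagnostic is always produced, error-and-stop is the default, and a caller nearer the user may opt in to processing. The names `check_message`, `allow_unprotected` and `UnprotectedDataError` are hypothetical; the packet in question is the Symmetrically Encrypted Data packet (tag 9), and partial body lengths are simplified to "runs to the end of the input".

```python
SED = 9  # Symmetrically Encrypted Data packet; tag 18 is the integrity-protected form

class UnprotectedDataError(Exception):
    """Raised when a non-integrity-protected packet is refused (the SHOULD)."""

def packet_tags(data):
    """Yield the tag of each top-level OpenPGP packet (old and new header formats)."""
    i = 0
    while i < len(data):
        h = data[i]
        if not h & 0x80:
            raise ValueError("not an OpenPGP packet header")
        if h & 0x40:                        # new-format header
            tag, o = h & 0x3F, data[i + 1]
            if o < 192:                     # one-octet length
                hdr, length = 2, o
            elif o < 224:                   # two-octet length
                hdr, length = 3, ((o - 192) << 8) + data[i + 2] + 192
            elif o == 255:                  # five-octet length
                hdr, length = 6, int.from_bytes(data[i + 2:i + 6], "big")
            else:                           # partial body length (simplified)
                hdr, length = 2, len(data)
        else:                               # old-format header
            tag, ltype = (h >> 2) & 0x0F, h & 0x03
            n = (1, 2, 4, 0)[ltype]         # length type 3 is indeterminate
            hdr = 1 + n
            length = int.from_bytes(data[i + 1:i + hdr], "big") if n else len(data)
        yield tag
        i += hdr + length

def check_message(data, allow_unprotected=False):
    """Return diagnostics; refuse tag 9 unless the caller explicitly opts in."""
    diagnostics = []
    for tag in packet_tags(data):
        if tag == SED:
            # The MUST: a clear diagnostic, whichever way the policy goes.
            diagnostics.append("non-integrity-protected encrypted data packet (tag 9)")
            if not allow_unprotected:       # the SHOULD: error out and stop
                raise UnprotectedDataError(diagnostics[-1])
    return diagnostics                      # the MAY: processed, diagnostic kept

# Constructed sample packets (dummy bodies, not real ciphertext).
SKESK = bytes([0xC3, 4, 4, 9, 0, 8])            # tag 3, new format
SED_NEW = bytes([0xC9, 3, 0xAA, 0xBB, 0xCC])    # tag 9, new format
SED_OLD = bytes([0xA4, 3, 0xAA, 0xBB, 0xCC])    # tag 9, old format
SEIPD_PKT = bytes([0xD2, 3, 1, 0xAA, 0xBB])     # tag 18, new format

if __name__ == "__main__":
    print(check_message(SKESK + SEIPD_PKT))
    print(check_message(SKESK + SED_NEW, allow_unprotected=True))
```

In this reading a toolkit keeps the default and surfaces the exception, while a user-facing tool decides whether to set `allow_unprotected` and how to present the returned diagnostic.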