> While I don't know what the rationale was for the RFC, it still makes sense > to provide a client with enough cookies so it can fire off the initial burst > w/o re-keying even if all responses get lost. The NTS-KE section has a SHOULD return 8 keys, but only 1 is required. -- These are my opinions. I hate spam.