Client-Accept message
Click on the red underlined text to get to the source
... TLS negotiation. This object should be included only in the Client-
Open or Client-Accept messages. It MUST NOT be included in any other
COPS message.
...
... Client-Open message, the PDP SHOULD respond with a
Client-Accept message containing the Integrity-TLS object.
...
... Note that in order to carry the Integrity-TLS object, the contents of
the Client-Accept message defined in section 3.7 of [RFC2748] need
not change, except that the C-Type ...
... C-Type=2)>]
Note also that this new format of the Client-Accept message does not
replace or obsolete the existing Client-Accept message format, which
...
... Note also that this new format of the Client-Accept message does not
replace or obsolete the existing Client-Accept message format, which
can continue to be used for non-secure COPS ...
... A PEP requiring the Integrity-TLS object in a Client-Accept message
MUST close the connection if the Integrity-TLS object ...
...
Upon receiving the Client-Accept message with the Integrity-TLS
object, the PEP SHOULD initiate the TLS ...
... receiving the Client-Open message, it SHOULD use
the Client-Accept message to initiate security negotiation.
...
... Integrity-TLS object or altering the Client-Open or Client-Accept
messages. If security is required, the PEP and PDP ...
... PDP implementations should reject
Client-Open or Client-Accept messages that fail to include an
Integrity-TLS object.
...