3.3.5 Message Processing Events and Sequencing Rules

This section describes how a relay server processes and responds to each security message that it receives from a client. The server identifies the type of a security message from the type of SSTP command in which the message is embedded, and expects to receive only these six types of security messages from clients: SecConnect, SecConnectAuthenticate, SecAttach, SecAttachAuthenticate, SecDeviceAccountRegister, and SecIdentityRegister. The server MUST treat an authentication token that cannot be parsed correctly as a protocol error and respond by sending a response message, closing the session, or closing the connection. The server MUST also check the version numbers in the message header. If the major version specified in the header is different from the server's current major version, the server SHOULD reject the message by closing the session or the connection.

The relay server MUST treat any error in parsing a security message as a protocol violation, and then close the session or the SSTP connection.

The server MAY<10> treat a security message received out of order as a protocol violation and then close the session or the SSTP connection.
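
The checks in this section, arranged as a fail-closed handler in Python. This is an added example, not code from the specification. The server major version, the stand-in `parse_token`, the rule that each *Authenticate message follows its opening message, and closing on an unlisted message type are assumptions.

```python
from dataclasses import dataclass, field

# The six client security message types this section names.
CLIENT_MESSAGES = frozenset({
    "SecConnect", "SecConnectAuthenticate", "SecAttach",
    "SecAttachAuthenticate", "SecDeviceAccountRegister", "SecIdentityRegister",
})
# Assumption: an *Authenticate message is in order only after its opening message.
REQUIRES = {"SecConnectAuthenticate": "SecConnect",
            "SecAttachAuthenticate": "SecAttach"}
SERVER_MAJOR = 1  # constructed value, not taken from the specification


def parse_token(raw: bytes) -> bytes:
    """Hypothetical stand-in for the real token parser: rejects empty input."""
    if not raw:
        raise ValueError("empty authentication token")
    return raw


@dataclass
class RelaySession:
    strict_order: bool = True  # the out-of-order rule is a MAY, so it is a policy switch
    seen: set = field(default_factory=set)
    closed: bool = False

    def _close(self, reason: str):
        self.closed = True
        return ("close", reason)

    def handle(self, msg_type: str, major: int, raw_token: bytes):
        """Return ("process", msg_type) or ("close", reason)."""
        if self.closed:
            return ("close", "session already closed")
        if msg_type not in CLIENT_MESSAGES:
            # Assumption: a type outside the six expected ones is a violation.
            return self._close("unexpected security message type")
        if major != SERVER_MAJOR:
            return self._close("major version mismatch")
        try:
            parse_token(raw_token)
        except ValueError as exc:
            return self._close(f"protocol error: {exc}")
        need = REQUIRES.get(msg_type)
        if self.strict_order and need is not None and need not in self.seen:
            return self._close(f"{msg_type} received before {need}")
        self.seen.add(msg_type)
        return ("process", msg_type)
```

Once a session is closed the handler refuses every later message, so a client cannot recover from a violation by resending a well-formed message on the same session.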