The common header includes an R flag, which is supposed to be set when a message
response is requested. Sometimes this is implicitly determined by the message
type, and sometimes by the message content (e.g. the R flag cannot be set on a
Confirm, while on the other hand a Query with a Cookie must have the R flag
set). These rules should be stated, and also that the R flag is 'authoritative'
in deciding that a next message in a handshake is required.