Tero:

2.8.1. Simultaneous CHILD_SA rekeying

Instead of simultaneous CHILD_SA rekeying, there should be a section on
simultaneous IKE SA rekeying. Simultaneous CHILD_SA rekeying just results in
a few extra SAs that will disappear after the next rekeys (at worst there will
be 2 SA pairs, but all others will be deleted instead of being rekeyed as they
are not used). The simultaneous IKE SA rekeying is a much more important case
to get correct, as both ends MUST agree on which IKE SA survives, as
otherwise they will move the CHILD SA to the wrong IKE SA and their state is
completely messed up after that. This section should also explain that even
if the simultaneous rekeying of IKE SA is noticed only AFTER the whole
rekeying is already finished, both ends MUST still correctly detect it and
act based on the fact which IKE SA will survive. This means that the old IKE
SA should not be deleted too quickly after the IKE SA rekey finished, just
in case there happened to be a simultaneous rekey in progress. The one doing
the delete should wait at least a few minutes before deleting the old IKE SA,
so it can be sure that the other end does not have a simultaneous rekey going
on for the IKE SA.

Paul: Not done. More specific text is needed. This is interesting, but
should be discussed on the list.

There was a long discussion of this issue in the past, see some pointers
here: http://www.ietf.org/mail-archive/web/ipsec/current/msg03516.html. We
would appreciate proposed text for such a new section.

Thanks,
        Yaron
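
The agreement and delayed delete that Tero's comment asks for, sketched as an added example that is not part of the original message or of any draft text. It assumes the tie-break later specified in RFC 7296 section 2.8.2 (the new IKE SA containing the lowest nonce is deleted by the peer that created it) and a 180-second grace period standing in for "at least few minutes"; the class and function names and the nonces are constructed for illustration.

```python
from dataclasses import dataclass

GRACE_SECONDS = 180  # assumption: stands in for "at least a few minutes"

@dataclass(frozen=True)
class Rekey:
    """One CREATE_CHILD_SA exchange that rekeyed the IKE SA (hypothetical model)."""
    creator: str  # peer that initiated this exchange, "A" or "B"
    ni: bytes     # initiator nonce
    nr: bytes     # responder nonce

def lowest_nonce(rekey):
    # bytes compare octet by octet, and a nonce that is a prefix of another is lower
    return min(rekey.ni, rekey.nr)

def resolve(first, second):
    """Return (survivor, loser); the result does not depend on argument order."""
    loser = min(first, second, key=lambda r: (lowest_nonce(r), r.creator))
    return (second, loser) if loser is first else (first, loser)

class OldIkeSa:
    """Old IKE SA kept alive after our own rekey so a late collision is still seen."""
    def __init__(self, own_rekey, finished_at):
        self.own = own_rekey
        self.delete_at = finished_at + GRACE_SECONDS
        self.survivor = own_rekey  # until a collision is detected

    def may_delete(self, now):
        return now >= self.delete_at

    def on_peer_rekey(self, peer_rekey, now):
        """Peer's rekey of the same old SA shows up, possibly after ours finished."""
        if self.may_delete(now):
            raise RuntimeError("old IKE SA already gone: collision can no longer be detected")
        self.survivor, loser = resolve(self.own, peer_rekey)
        # Child SAs move to self.survivor; loser.creator deletes the losing new IKE SA
        return self.survivor, loser.creator

# Constructed nonces (real ones are at least 16 octets of fresh randomness)
REKEY_A = Rekey("A", ni=bytes.fromhex("55" * 16), nr=bytes.fromhex("90" * 16))
REKEY_B = Rekey("B", ni=bytes.fromhex("30" * 16), nr=bytes.fromhex("c1" * 16))

if __name__ == "__main__":
    side_a = OldIkeSa(REKEY_A, finished_at=1000)
    side_b = OldIkeSa(REKEY_B, finished_at=1001)
    print(side_a.on_peer_rekey(REKEY_B, now=1060)[0].creator)
    print(side_b.on_peer_rekey(REKEY_A, now=1050)[0].creator)
```

Both peers reach the same survivor even though each sees the other's rekey only after its own has finished, which is only possible while the old IKE SA is still held.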
