>> I don't think we need to mandate how a particular situation should be
>> handled. That is up to the implementer. The implementer just needs to
>> know that there is a rule that states the it is not for some child SAs
>> stay up when the IKE_SA disappears. I think the existing text could be
>> deleted.
>
>But the existing text is the text which gives this rule or at least
>try to. I.e. it tries to say that if implementation cannot guarantee
>that all Child SAs and IKE SAs stay up together, then you cannot
>negotiate all those Child SAs using the same IKE SA.
>
>This same can partially be seen from the:
>
> Receipt of a fresh cryptographically protected message on an IKE SA
> or any of its Child SAs ensures liveness of the IKE SA and all of
> its Child SAs.
>
>text, but some people might be missing the point that ALL Child SAs
>and corresponding IKE SAs must stay up together.
What I do not like about the text is that it is a rule related to the
life of the Child SAs. I think it would be clearer to tie the rule
to the termination of the IKE SA. For example I think replacing the
text with some thing like the following is more straight forward:
If an IKE SA fails without being able to send a delete
message, then all Child SAs created by the IKE SA MUST be silently
deleted.
On the other hand I am not saying the existing text must be removed.
I'm just saying that I think it could be removed.
Dave Wierbowski
z/OS Comm Server Developer
Phone:
Tie line: 620-4055
External: 607-429-4055
_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec
