David Wierbowski writes: > What I do not like about the text is that it is a rule related to the > life of the Child SAs. I think it would be clearer to tie the rule > to the termination of the IKE SA. For example I think replacing the > text with some thing like the following is more straight forward: > > If an IKE SA fails without being able to send a delete > message, then all Child SAs created by the IKE SA MUST be silently > deleted.
Do you think it is legal to create a system where one Child SA can fail in such way that IKE SA cannot send delete notification? The current text says it is not legal, but your replacement text allows it. I do not think such setup should be allowed. I.e. if any of the Child SAs or the associated IKE SA fail, in such way that delete notification cannot be sent, then all the Child SAs AND the IKE SA needs to be destroyed. -- kivi...@iki.fi _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
