Re: [IPsec] Question on RFC 5723 Session Resumption

2020-08-27 Thread Yaron Sheffer
Hi Paul and Nupur, I would also be interested to know what people implemented, because what you're suggesting, while possibly "the right thing", is clearly counter to the RFC. Sec. 6.2 and Sec. 9.8 are rather clear that no matter who deleted the IKE SA, the ticket is revoked and must not be use

Re: [IPsec] Question on RFC 5723 Session Resumption

2020-08-27 Thread Paul Wouters
On Thu, 27 Aug 2020, Yaron Sheffer wrote: I would also be interested to know what people implemented, because what you're suggesting, while possibly "the right thing", is clearly counter to the RFC. Sec. 6.2 and Sec. 9.8 are rather clear that no matter who deleted the IKE SA, the ticket is re

Re: [IPsec] Question on RFC 5723 Session Resumption

2020-08-27 Thread Michael Richardson
Paul Wouters wrote:
> Or update the RFC with a clarification that deletes are allowed, but
> that the server who deleted a state, upon getting a ticket MUST check:
> - Its configuration is unchanged from when the ticket was issued (we do that)
> - The ticket's issue time plus