errata logo graphic

Found 1 record.

Status: Verified (1)

RFC4718, "IKEv2 Clarifications and Implementation Guidelines", October 2006

Note: This RFC has been obsoleted by RFC5996

Source of RFC: IETF - NON WORKING GROUP

Errata ID: 1502

Status: Verified
Type: Technical

Reported By: Pasi Eronen
Date Reported: 2008-09-11
Verifier Name: Russ Housley
Date Verified: 2009-01-07

Section 5.11.4 says:

After the CREATE_CHILD_SA exchanges, three IKE_SAs exist between
A and B; the one containing the lowest nonce inherits the CHILD_SAs.

It should say:

After the CREATE_CHILD_SA exchanges, three IKE_SAs exist between 
A and B; of the two new IKE_SAs, the one containing the lowest nonce 
is redundant and will be closed; the other one inherits the CHILD_SAs.

Notes:

Pointed out by Jeffrey Sun on the ipsec mailing list, 2008-03-31


Report New Errata