Errata Search
RFC Number:		Errata ID:
Source of RFC		Status:	All/Any Verified+Reported Verified Reported Held for Document Update Rejected
Area Acronym:	All/Any app art gen int ops rai rtg sec tsv wit	Type:	All/Any Editorial Technical
WG Acronym:		Submitter Name:
Other:	All/Any IAB INDEPENDENT IRTF Legacy Editorial	Date Submitted:
Summary Table Full Records

RFC 4718, "IKEv2 Clarifications and Implementation Guidelines", October 2006

Note: This RFC has been obsoleted by RFC 5996

Source of RFC: IETF - NON WORKING GROUP
See Also: RFC 4718 w/ inline errata

---

Errata ID: 1502
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Pasi Eronen
Date Reported: 2008-09-11
Verifier Name: Russ Housley
Date Verified: 2009-01-07

Section 5.11.4 says:

After the CREATE_CHILD_SA exchanges, three IKE_SAs exist between
A and B; the one containing the lowest nonce inherits the CHILD_SAs.

It should say:

After the CREATE_CHILD_SA exchanges, three IKE_SAs exist between 
A and B; of the two new IKE_SAs, the one containing the lowest nonce 
is redundant and will be closed; the other one inherits the CHILD_SAs.

Notes:

Pointed out by Jeffrey Sun on the ipsec mailing list, 2008-03-31

Report New Errata