RFC Errata
RFC 5996, "Internet Key Exchange Protocol Version 2 (IKEv2)", September 2010
Note: This RFC has been obsoleted by RFC 7296
Note: This RFC has been updated by RFC 5998, RFC 6989
Source of RFC: ipsecme (sec)
Errata ID: 3718
Status: Rejected
Type: Technical
Publication Format(s) : TEXT
Reported By: Gerald Smith
Date Reported: 2013-09-04
Rejected by: Stephen Farrell
Date Rejected: 2014-06-03
Section 3.15.3 says:
A client can be assigned an IPv6 address using the INTERNAL_IP6_ADDRESS Configuration payload. A minimal exchange might look like this: CP(CFG_REQUEST) = INTERNAL_IP6_ADDRESS() INTERNAL_IP6_DNS() TSi = (0, 0-65535, :: - FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF) TSr = (0, 0-65535, :: - FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF) CP(CFG_REPLY) = INTERNAL_IP6_ADDRESS(2001:DB8:0:1:2:3:4:5/64) INTERNAL_IP6_DNS(2001:DB8:99:88:77:66:55:44) TSi = (0, 0-65535, 2001:DB8:0:1:2:3:4:5 - 2001:DB8:0:1:2:3:4:5) TSr = (0, 0-65535, :: - FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF)
It should say:
CP(CFG_REPLY) = INTERNAL_IP6_ADDRESS(2001:DB8:0:1:2:3:4:5/64) INTERNAL_IP6_DNS(2001:DB8:99:88:77:66:55:44) TSi = (0, 0-65535, 2001:DB8:0:1:2:3:4:5 - 2001:DB8:0:1:2:3:4:5) TSr = (0, 0-65535, 2001:DB8:0:1:: - 2001:DB8:0:1:FFFF:FFFF:FFFF:FFFF)
Notes:
The INTERNAL_IP6_ADDRESS returned in the CFG_REPLY is a 64 bit subnet, but the TSr returned in the CFG_REPLY shows a 0 bit subnet instead of the 64 bit subnet.
Kathleen told me to reject this! (Based on ipsecme list discussion.)
--VERIFIER NOTES--
Kathleen told me to!