RFC Errata
RFC 7296, "Internet Key Exchange Protocol Version 2 (IKEv2)", October 2014
Note: This RFC has been updated by RFC 7427, RFC 7670, RFC 8247, RFC 8983, RFC 9370
Source of RFC: ipsecme (sec)
Errata ID: 4387
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Yoav Nir
Date Reported: 2015-06-04
Held for Document Update by: Stephen Farrell
Date Held: 2015-06-04
Section 3.7 says:
The Certificate Request payload, denoted CERTREQ in this document, provides a means to request preferred certificates via IKE and can appear in the IKE_INIT_SA response and/or the IKE_AUTH request. Certificate Request payloads MAY be included in an exchange when the sender needs to get the certificate of the receiver.
It should say:
The Certificate Request payload, denoted CERTREQ in this document, provides a means to request preferred certificates via IKE and can appear in the IKE_SA_INIT response and/or the IKE_AUTH request. Certificate Request payloads MAY be included in an exchange when the sender needs to get the certificate of the receiver.
Notes:
IKE_SA_INIT is mis-spelled as IKE_INIT_SA this one time.