RFC Errata


RFC 7296, "Internet Key Exchange Protocol Version 2 (IKEv2)", October 2014

Note: This RFC has been updated by RFC 7427, RFC 7670, RFC 8247, RFC 8983, RFC 9370

Source of RFC: ipsecme (sec)

Errata ID: 5247
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT

Reported By: Andrew Cagney
Date Reported: 2018-01-30
Held for Document Update by: Paul Wouters
Date Held: 2022-04-11

Section 3.10. says:

   o  Protocol ID (1 octet) - If this notification concerns an existing
      SA whose SPI is given in the SPI field, this field indicates the
      type of that SA.  For notifications concerning Child SAs, this
      field MUST contain either (2) to indicate AH or (3) to indicate
      ESP.  Of the notifications defined in this document, the SPI is
      included only with INVALID_SELECTORS, REKEY_SA, and
      CHILD_SA_NOT_FOUND.  If the SPI field is empty, this field MUST be
      sent as zero and MUST be ignored on receipt.

It should say:

   o  Protocol ID (1 octet) - If this notification concerns an existing
      SA whose SPI is given in the SPI field, this field indicates the
      type of that SA.  For notifications concerning Child SAs, this
      field MUST contain either (2) to indicate AH or (3) to indicate
      ESP.  Of the notifications defined in this document, the SPI is
      included only with INVALID_SELECTORS, REKEY_SA, and
      CHILD_SA_NOT_FOUND.  If the SPI field is empty, this field MUST be
      sent as zero to indicate NONE and MUST be ignored on receipt.

Notes:

If I assume that the 'Protocol ID' field in the notification payload is specified by:

Internet Key Exchange Version 2 (IKEv2) Parameters
IKEv2 Security Protocol Identifiers

then a notification is using the 'Reserved' value 0. Since the value is being used,
I think it would be better to give it a name. Other uses of 'Protocol ID' don't need
updating as they all explicitly list allowed values, and in no case is 0 allowed.

Paul Wouters:

This is about the name for Protocol ID 0 to be seen as "NONE", versus giving it a better name. While I agree with the poster that the writing could be improved, this change is not required for implementing the RFC. Thus moved to Held for Document Update where this text can then be improved upon.
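
The Protocol ID rule quoted from Section 3.10, as an added example that is not part of the erratum, the RFC text, or either commenter's remarks: a Notify payload builder and parser that send zero when the SPI field is empty, ignore the field on receipt in that case, and accept only AH or ESP for the three SPI-carrying notifications. The function names are hypothetical; the layout follows the RFC 7296 Notify payload, the notify type numbers are the IANA values, and the 4-octet SPI check assumes AH/ESP SPIs.

```python
import struct

# Protocol ID names; 0 is 'Reserved' in the IANA registry, "NONE" is the erratum's wording.
PROTO = {0: "NONE", 1: "IKE", 2: "AH", 3: "ESP"}
# The three notifications RFC 7296 says carry an SPI (IANA notify type values).
SPI_NOTIFIES = {39: "INVALID_SELECTORS", 44: "CHILD_SA_NOT_FOUND", 16393: "REKEY_SA"}


def build_notify(proto_id, notify_type, spi=b"", data=b"", next_payload=0):
    """Sender side: an empty SPI field forces Protocol ID to zero."""
    if not spi:
        proto_id = 0
    body = struct.pack("!BBH", proto_id, len(spi), notify_type) + spi + data
    # Generic payload header: Next Payload, C bit + reserved, Payload Length.
    return struct.pack("!BBH", next_payload, 0, 4 + len(body)) + body


def parse_notify(payload):
    """Receiver side: parse one complete Notify payload (header included)."""
    if len(payload) < 8:
        raise ValueError("truncated Notify payload")
    _next, _flags, length = struct.unpack_from("!BBH", payload, 0)
    proto_id, spi_size, notify_type = struct.unpack_from("!BBH", payload, 4)
    if length != len(payload) or 8 + spi_size > length:
        raise ValueError("inconsistent length fields")
    out = {"type": notify_type, "spi": payload[8:8 + spi_size],
           "data": payload[8 + spi_size:]}
    if spi_size == 0:
        # MUST be ignored on receipt: never reject or branch on proto_id here.
        out["protocol"] = PROTO[0]
    elif notify_type in SPI_NOTIFIES:
        # Child SA notification: only AH (2) or ESP (3), with a 4-octet SPI.
        if proto_id not in (2, 3) or spi_size != 4:
            raise ValueError(f"{SPI_NOTIFIES[notify_type]}: bad Protocol ID/SPI")
        out["protocol"] = PROTO[proto_id]
    else:
        # Notify types from other documents: report the value, apply no policy.
        out["protocol"] = PROTO.get(proto_id, str(proto_id))
    return out


if __name__ == "__main__":
    # Constructed sample: REKEY_SA for an ESP SA with a made-up SPI.
    print(parse_notify(build_notify(3, 16393, spi=bytes.fromhex("c0ffee01"))))
```
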
