RFC Errata
RFC 8229, "TCP Encapsulation of IKE and IPsec Packets", August 2017
Note: This RFC has been obsoleted by RFC 9329
Source of RFC: ipsecme (sec)
Errata ID: 5320
Status: Held for Document Update
Type: Technical
Publication Format(s): TEXT
Reported By: Valery Smyslov
Date Reported: 2018-04-09
Held for Document Update by: Paul Wouters
Date Held: 2022-04-11
Throughout the document, when it says:
It should say:
TCP provides reliable transport, so there is no need for applications to deal with retransmissions. Moreover, sending retransmissions by IKE in case of TCP on congested networks could further increase congestion and degrade performance. For this reason IKE initiators SHOULD NOT retransmit requests if they are sent over TCP. However, both IKE initiators and responders MUST correctly handle retransmitted messages received over TCP, but responders SHOULD NOT resend response messages in this case. If IKE initiators still choose to retransmit requests over TCP, then the retransmission policy SHOULD be less aggressive than it would have been in case of UDP.
Notes:
While Section 12.2 discusses some implications that TCP transport could have on ESP protocol, the IKE retransmission behavior, described in Section 2.1 of RFC7296, is not redefined by this RFC. This is an oversight and some recommendations for implementers should have been given. The suggested text should be placed in a new section, presumably between sections 8 and 9.
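The retransmission handling proposed above, sketched as an added example (not text or code from the RFC, the erratum or any IKE implementation). It assumes an IKEv2 window size of 1; the class and function names, the placeholder response strings and the UDP backoff values are hypothetical.

```python
from enum import Enum

class Transport(Enum):
    UDP = "udp"
    TCP = "tcp"

class Action(Enum):
    PROCESS = "new request: process it and send the response"
    RESEND = "retransmission: resend the cached response"
    SUPPRESS = "retransmission: recognised, response not resent"
    IGNORE = "Message ID outside the window: ignore"

class Responder:
    """Toy IKEv2 responder; window size 1 is an assumption of this sketch."""

    def __init__(self):
        self.next_id = 0   # Message ID expected for the next new request
        self.cached = {}   # last response sent, keyed by Message ID

    def handle(self, msg_id, transport):
        if msg_id == self.next_id:
            response = f"response-{msg_id}"   # placeholder for the real reply
            self.cached = {msg_id: response}  # window 1: keep only the latest
            self.next_id += 1
            return Action.PROCESS, response
        if msg_id in self.cached:
            # Duplicate of the last request: never process it a second time.
            if transport is Transport.TCP:
                # TCP already delivers the original response reliably.
                return Action.SUPPRESS, None
            return Action.RESEND, self.cached[msg_id]
        return Action.IGNORE, None

def initiator_retransmit_delays(transport, base=1.0, tries=4):
    """Delays in seconds before each retransmission of one request."""
    if transport is Transport.TCP:
        return []          # initiators SHOULD NOT retransmit over TCP
    # Constructed exponential backoff for UDP; real timers are a local policy.
    return [base * 2 ** i for i in range(tries)]
```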
Paul Wouters:
The reporter of this errata is writing a bis draft for this document where this is indeed already clarified.
See https://datatracker.ietf.org/doc/html/draft-ietf-ipsecme-rfc8229bis-05#section-7.2
Resolving as Held for Document Update