Re: issues with IKE that need resolution

Daniel Harkins <dharkins@cisco.com> Tue, 15 September 1998 20:08 UTC

Received: (from majordom@localhost) by portal.ex.tis.com (8.8.2/8.8.2) id QAA12100 for ipsec-outgoing; Tue, 15 Sep 1998 16:08:56 -0400 (EDT)
Message-Id: <199809152026.NAA14560@chip.cisco.com>
To: Bronislav Kavsan <bkavsan@ire-ma.com>
cc: ipsec@tis.com
Subject: Re: issues with IKE that need resolution
In-reply-to: Your message of "Tue, 15 Sep 1998 16:08:21 EDT." <35FEC935.DF4AB143@ire-ma.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <14558.905891199.1@cisco.com>
Date: Tue, 15 Sep 1998 13:26:40 -0700
From: Daniel Harkins <dharkins@cisco.com>
Sender: owner-ipsec@ex.tis.com
Precedence: bulk

  There is no recovery logic in IPSec, I guess. This sounds like an
IPSecond issue (and is also not really IKE-specific).

  Dan.

On Tue, 15 Sep 1998 16:08:21 EDT you wrote
> Dan,
> 
> Thanks for pointing out this statement in the standard, but.....what will be 
>the
> connection recovery logic for an IPsec Client, which rebooted in the middle o
>f
> receiving IPsec traffic? If IPsec Client keeps silent - tt make take sender h
>ours
> before figuring out what happened.
> 
> Daniel Harkins wrote:
> 
> >   Slava,
> >
> >   Section 5.2.1 of draft-ietf-ipsec-arch-sec-07.txt states:
> >
> >       Use the packet's destination address (outer IP header), IPsec
> >       protocol, and SPI to look up the SA in the SAD.  If the SA
> >       lookup fails, drop the packet and log/report the error.
> >
> >   Dan.

issues with IKE that need resolution Daniel Harkins
Re: issues with IKE that need resolution Hilarie K. Orman
Re: issues with IKE that need resolution Bronislav Kavsan
Re: issues with IKE that need resolution H.Krawczyk
Re: issues with IKE that need resolution Bronislav Kavsan
Re: issues with IKE that need resolution Daniel Harkins
Re: issues with IKE that need resolution Bronislav Kavsan
Re: issues with IKE that need resolution Daniel Harkins
Re: issues with IKE that need resolution Henry Spencer
Re: issues with IKE that need resolution Daniel Harkins
Re: issues with IKE that need resolution Shawn Mamros
Re: issues with IKE that need resolution Shawn Mamros
Re: issues with IKE that need resolution Daniel Harkins
Re: issues with IKE that need resolution Tom Markham
Re: issues with IKE that need resolution Derrell D. Piper
Re: issues with IKE that need resolution Scott G. Kelly
Re: issues with IKE that need resolution Rodney Thayer
Re: issues with IKE that need resolution Scott G. Kelly
Re: issues with IKE that need resolution Daniel Harkins
Re: issues with IKE that need resolution Markku Savela
Re: issues with IKE that need resolution Valery Smyslov
Re: issues with IKE that need resolution Rodney Thayer
Re: issues with IKE that need resolution Shawn Mamros
Re: issues with IKE that need resolution H.Krawczyk
RE: issues with IKE that need resolution Mason, David
Re: issues with IKE that need resolution Saroop Mathur
Re: issues with IKE that need resolution Daniel Harkins
Re: issues with IKE that need resolution Rodney Thayer
Re: issues with IKE that need resolution Scott G. Kelly
Re: issues with IKE that need resolution Scott G. Kelly
Re: issues with IKE that need resolution Stephen Kent
Re: issues with IKE that need resolution Michael C. Richardson
Fwd: Re: issues with IKE that need resolution Rodney Thayer
multiple payloads via "ID_LIST" Michael C. Richardson
Re: multiple payloads via "ID_LIST" Scott G. Kelly
Re: issues with IKE that need resolution Stephen Kent
RE: multiple payloads via "ID_LIST" Roy Pereira
Re: multiple payloads via "ID_LIST" Scott G. Kelly
Re: multiple payloads via "ID_LIST" mcr
Re: multiple payloads via "ID_LIST" Scott G. Kelly
Re: multiple payloads via "ID_LIST" Michael C. Richardson
Re: issues with IKE that need resolution Pyda Srisuresh
Re: multiple payloads via "ID_LIST" Scott G. Kelly
Re: multiple payloads via "ID_LIST" Michael C. Richardson
Re: issues with IKE that need resolution Scott G. Kelly
Re: multiple payloads via "ID_LIST" Scott G. Kelly
Re: multiple payloads via "ID_LIST" Michael C. Richardson
Re: multiple payloads via "ID_LIST" Scott G. Kelly
Re: multiple payloads via "ID_LIST" Daniel Harkins
Re: multiple payloads via "ID_LIST" Daniel Harkins
Re: multiple payloads via "ID_LIST" Shawn Mamros
Re: multiple payloads via "ID_LIST" Scott G. Kelly
Re: issues with IKE that need resolution Pyda Srisuresh
Re: issues with IKE that need resolution Scott G. Kelly
Policy instantiation/negotiation (was Re: issues … Scott G. Kelly
Re: issues with IKE that need resolution Paul Koning
Re: Policy instantiation/negotiation (was Re: iss… Michael C. Richardson
Re: issues with IKE that need resolution Michael C. Richardson
Re: issues with IKE that need resolution Pyda Srisuresh
Re: Policy instantiation/negotiation (was Re: iss… bmanning
Re: Policy instantiation/negotiation (was Re: iss… Scott G. Kelly
Re: Policy instantiation/negotiation (was Re: iss… Luis A. Sanchez
Re: Policy instantiation/negotiation (was Re: iss… Theodore Y. Ts'o
Re: Policy instantiation/negotiation (was Re: iss… bmanning
Re: multiple payloads via "ID_LIST" Daniel Harkins
RE: multiple payloads via "ID_LIST" Roy Pereira
Re: multiple payloads via "ID_LIST" Shawn Mamros
Re: multiple payloads via "ID_LIST" Daniel Harkins
RE: multiple payloads via "ID_LIST" Roy Pereira
Re: multiple payloads via "ID_LIST" mcr
Re: multiple payloads via "ID_LIST" Scott G. Kelly