Re: [IPsec] I-D ACTION:draft-ietf-ipsecme-ikev2bis-10.txt
"V Jyothi-B22245" <B22245@freescale.com> Thu, 22 April 2010 06:59 UTC
Return-Path: <B22245@freescale.com>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D49663A6805 for <ipsec@core3.amsl.com>; Wed, 21 Apr 2010 23:59:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gigRD1XPWtds for <ipsec@core3.amsl.com>; Wed, 21 Apr 2010 23:59:37 -0700 (PDT)
Received: from az33egw02.freescale.net (az33egw02.freescale.net [192.88.158.103]) by core3.amsl.com (Postfix) with ESMTP id CB90E3A6A38 for <ipsec@ietf.org>; Wed, 21 Apr 2010 23:59:26 -0700 (PDT)
Received: from de01smr02.am.mot.com (de01smr02.freescale.net [10.208.0.151]) by az33egw02.freescale.net (8.14.3/az33egw02) with ESMTP id o3M6x0ni014665 for <ipsec@ietf.org>; Wed, 21 Apr 2010 23:59:06 -0700 (MST)
Received: from zin33exm29.fsl.freescale.net (zin33exm29.ap.freescale.net [10.232.192.28]) by de01smr02.am.mot.com (8.13.1/8.13.0) with ESMTP id o3M78rGT001319 for <ipsec@ietf.org>; Thu, 22 Apr 2010 02:08:55 -0500 (CDT)
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 22 Apr 2010 12:28:46 +0530
Message-ID: <402621A7D69DDA458D0E12F070D1E55F7D4853@zin33exm29.fsl.freescale.net>
In-Reply-To: <20100414221506.0E8D23A6ABA@core3.amsl.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [IPsec] I-D ACTION:draft-ietf-ipsecme-ikev2bis-10.txt
Thread-Index: AcrcIBervC4h4EmXQdWFoRqBMKB5nQEVGy4g
References: <20100414221506.0E8D23A6ABA@core3.amsl.com>
From: V Jyothi-B22245 <B22245@freescale.com>
To: ipsec@ietf.org
Subject: Re: [IPsec] I-D ACTION:draft-ietf-ipsecme-ikev2bis-10.txt
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Apr 2010 06:59:37 -0000
Hi, In section 2.9. Traffic Selector Negotiation, The SINGLE_PAIR_REQUIRED error indicates that a CREATE_CHILD_SA request is unacceptable because its sender is only willing to accept traffic selectors specifying a single pair of addresses. The requestor is expected to respond by requesting an SA for only the specific traffic it is trying to forward. Above paragraph gives the clarity of what action to take when SINGLE_PAIR_REQUIRED notify type received in case of CREATE_CHILD_SA exchanges. Suppose if the SINGLE_PAIR_REQUIRED notify type is received in AUTH response, how initiator should act upon it? Can initiator resend AUTH request with different TSi and TSr payloads or it should establish IKE SA and then start CREATE_CHILD_SA exchange? Thanks Jyothi -----Original Message----- From: ipsec-bounces@ietf.org [mailto:ipsec-bounces@ietf.org] On Behalf Of Internet-Drafts@ietf.org Sent: Thursday, April 15, 2010 3:45 AM To: i-d-announce@ietf.org Cc: ipsec@ietf.org Subject: [IPsec] I-D ACTION:draft-ietf-ipsecme-ikev2bis-10.txt A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IP Security Maintenance and Extensions Working Group of the IETF. Title : Internet Key Exchange Protocol: IKEv2 Author(s) : C. Kaufman, P. Hoffman, Y. Nir, P. Eronen Filename : draft-ietf-ipsecme-ikev2bis-10.txt Pages : 130 Date : 2010-4-14 This document describes version 2 of the Internet Key Exchange (IKE) protocol. IKE is a component of IPsec used for performing mutual authentication and establishing and maintaining security associations (SAs). This document replaces and updates RFC 4306, and includes all of the clarifications from RFC 4718. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-ipsecme-ikev2bis-10.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft.
- [IPsec] I-D ACTION:draft-ietf-ipsecme-ikev2bis-10… Internet-Drafts
- Re: [IPsec] I-D ACTION:draft-ietf-ipsecme-ikev2bi… Sean Turner
- Re: [IPsec] I-D ACTION:draft-ietf-ipsecme-ikev2bi… V Jyothi-B22245
- Re: [IPsec] I-D ACTION:draft-ietf-ipsecme-ikev2bi… Tero Kivinen
- Re: [IPsec] I-D ACTION:draft-ietf-ipsecme-ikev2bi… V Jyothi-B22245
- Re: [IPsec] I-D ACTION:draft-ietf-ipsecme-ikev2bi… Yoav Nir
- Re: [IPsec] I-D ACTION:draft-ietf-ipsecme-ikev2bi… Tero Kivinen