[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

re: Delete (in John Burke's recent message)



 
       "The above implies that a Delete MUST be permitted to arrive in
        a separate Informational Exchange for an incomplete connection."

> This would imply the rules for the Delete must be different for Phase 1 and
Phase 2.

"Deletion of a Security Association MUST always be performed under the
protection of an ISAKMP SA." (Section 5.13) would prohibit
implementation of your suggestion for Phase 1.