There is nothing in the drafts that indicate that this is a problem with quick mode. First, there are no restrictions on the number of phase 2 SAs between peers, even with the same selectors. Second, the initial contact notification is to be used only with phase 1 negotiations.
If an implementation is able to simultaneously negotiate multiple phase 2 SAs, then there are no problems with phase 2. There is, of course, the issue of what you do with them once you have them; that's part of the reason for the re-keying document.
---
Tim Jenkins TimeStep Corporation
tjenkins@timestep.com http://www.timestep.com
(613) 599-3610 x4304 Fax: (613) 599-3617
> -----Original Message-----
> From: Nishant Dani [mailto:nishant@frontiertech.com]
> Sent: Tuesday, October 20, 1998 2:51 PM
> To: jpickering@phase2net.com; ipsec@tis.com
> Subject: Re: [Fwd: Re: re-keying]
>
>
> Is this a problem only with Phase 1 initiation? Even if we
> have both ends
> initiating a simultaneous
> rekeying, we may end up with an exact situation regarding the
> Quick Mode SA
> deletion on both the ends. And then
> both ends are stuck. I would think that there is more
> probability of the
> occurance of a QM deadlock rather than
> a Phase 1 deadlock, because firstly QM timeouts may be more frequent.
>
> So what does one do in such a case - how to detect
> unambigously the presence
> of a deadlock, and then how to proceed.
>
> Nishant
> Frontier Technologies Corp.
>
>
> 1.
> -----Original Message-----
> From: Jeff Pickering <jpickering@phase2net.com>
> To: ipsec@tis.com <ipsec@tis.com>
> Date: Wednesday, October 14, 1998 11:02 AM
> Subject: [Fwd: Re: re-keying]
>
>
> >Any ideas on attached from anyone?
> >
> >jeff
> >
>