[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RESPONDER-LIFETIME Notify question

To: Will Fiveash <will@austin.ibm.com>
Subject: Re: RESPONDER-LIFETIME Notify question
From: "Scott G. Kelly" <skelly@redcreek.com>
Date: Thu, 08 Jun 2000 11:05:02 -0700
CC: IETF IPsec <ipsec@lists.tislabs.com>
Organization: RedCreek Communications
References: <20000608121959.A57732@austin.ibm.com>
Sender: owner-ipsec@lists.tislabs.com

Hi Will,

Will Fiveash wrote:
> 
> Let's say as an initiator my code receives a notify RESPONDER-LIFETIME in
> the second Quick Mode message and the life duration isn't allowed by the
> local security policy.  Currently my code will delete the Phase 2 SA and
> send a SA delete notify to the remote system.  Do I need to send some sort
> of notify to tell the other side why I deleted the SA?
> 
> --
> Will Fiveash
> IBM AIX System Development (IPsec/IKE)

The current notify message draft suggests sending
ATTRIBUTES-NOT-SUPPORTED in this case.

Scott

References:

RESPONDER-LIFETIME Notify question

From: Will Fiveash <will@austin.ibm.com>

Prev by Date: RESPONDER-LIFETIME Notify question
Next by Date: Re: Death to AH? (was: Reasons for AH & ESP )
Prev by thread: RESPONDER-LIFETIME Notify question
Next by thread: Replay problem
Index(es):
- Main
- Thread