Re: default life negotiation issue
Here's how I understand the paragraph in IPDOI you referred to:
If there's no lifetime indicated in the exchange, then both sides MUST assume
the default of 28800 seconds. If a lifesize is given, the default lifetime
applies ALSO, and whichever condition is hit first triggers the death of the
SA ;)
jan
On Tue, 20 Jun 2000, Will Fiveash wrote:
> Jan,
>
> I read my note again and I realize that it is a little confusing (I ask the
> same question in two different ways). Are you telling me that you assume
> that an SA may just use lifesize to determine its duration? If the
> initiator only proposed a lifesize, the responder would NOT assume the
> lifetime default was implicitly proposed? (These two questions should have
> the same answer.)
>
> On Tue, Jun 20, 2000 at 04:16:57PM -0700, Jan Vilhuber wrote:
> > Hi Will!
> >
> > Yes, I believe your assumption below is correct. At least that's how I've
> > always interpreted it.
> >
> > jan
> >
> >
> > On Tue, 20 Jun 2000, Will Fiveash wrote:
> >
> > > Can a SA be negotiated that only contains a lifesize (no lifetime in
> > > seconds)? I ask this because I got a little confused by this paragraph in
> > > RFC2407 (DOI):
> > >
> > > If unspecified, the default value shall be assumed to be 28800 seconds
> > > (8 hours).
> > >
> > > If an initiator only proposes a lifesize attribute of KBytes, do I assume
> > > that they are also implicitly proposing the default lifetime value above?
> ^^^^^^^^^^^^^^^^^^^^ Somewhat confused question whose answer should be
> the opposite of the previous question.
>
> --
> Will Fiveash
> IBM AIX System Development (IPsec/IKE)
>
--
Jan Vilhuber vilhuber@cisco.com
Cisco Systems, San Jose (408) 527-0847
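
The reading given in the reply at the top of this message, as an added example that is not part of the original thread or of any implementation's code: it parses the SA Life Type / SA Life Duration attributes of one transform, applies the 28800-second default when no seconds lifetime was sent, and expires the SA on whichever limit is hit first. The function names, the sample bytes and the 1 KB = 1024 bytes conversion are assumptions.

```python
import struct

# IPSEC DOI (RFC 2407) attribute classes and SA Life Type values.
SA_LIFE_TYPE, SA_LIFE_DURATION = 1, 2
LIFE_SECONDS, LIFE_KILOBYTES = 1, 2
DEFAULT_LIFETIME_SECONDS = 28800  # default quoted in the thread (8 hours)

# Constructed sample: a transform carrying only a 4608000 KB lifesize.
LIFESIZE_ONLY = bytes.fromhex("80010002" "00020004" "00465000")


def parse_attributes(data):
    """Yield (attr_type, int_value) from ISAKMP data attributes (RFC 2408)."""
    off = 0
    while off < len(data):
        if len(data) - off < 4:
            raise ValueError("truncated attribute header")
        head, field = struct.unpack_from("!HH", data, off)
        off += 4
        if head & 0x8000:      # AF=1: TV form, the 2-byte field is the value
            yield head & 0x7FFF, field
        else:                  # AF=0: TLV form, the field is the value length
            if off + field > len(data):
                raise ValueError("attribute value runs past end of data")
            yield head & 0x7FFF, int.from_bytes(data[off:off + field], "big")
            off += field


def effective_lifetimes(data):
    """Return (seconds, kilobytes or None) for one transform's attributes."""
    limits, pending = {}, None
    for attr, value in parse_attributes(data):
        if attr == SA_LIFE_TYPE:
            if value not in (LIFE_SECONDS, LIFE_KILOBYTES):
                raise ValueError("unknown SA Life Type %d" % value)
            pending = value
        elif attr == SA_LIFE_DURATION:
            if pending is None:
                raise ValueError("SA Life Duration without SA Life Type")
            limits[pending], pending = value, None
    # No seconds lifetime sent: the default applies alongside any lifesize.
    seconds = limits.get(LIFE_SECONDS, DEFAULT_LIFETIME_SECONDS)
    return seconds, limits.get(LIFE_KILOBYTES)


def sa_expired(seconds_limit, kb_limit, age_seconds, bytes_protected):
    """Whichever limit is hit first ends the SA (1 KB = 1024 bytes assumed)."""
    if age_seconds >= seconds_limit:
        return True
    return kb_limit is not None and bytes_protected >= kb_limit * 1024
```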