[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IKE Delete payloads

To: ipsec@lists.tislabs.com
Subject: IKE Delete payloads
From: antonio.barrera@nokia.com
Date: Wed, 6 Sep 2000 17:06:11 +0300
Sender: owner-ipsec@lists.tislabs.com

	If IKE wants to send a Delete payload for an IPSEC SA it can only
specify the SPI and protocol but not the destination address.
- These are the 3 things that identify a IPSEC SA so how can IKE know which
one should be erased? 
- Or IKE assumes that the destination address is the LOCAL address? 
(Then the remote end will never try to send using an SA that is no longer in
the local machine. There shouldn't be a problem for the other direction it
just it would be hanging there until it expires (no more used because no
longer in the local side and is only for incoming traffic))

Toni

Follow-Ups:

Re: IKE Delete payloads

From: Henry Spencer <henry@spsystems.net>

Prev by Date: ICMP Error replies and IPSEC
Next by Date: IKE Delete payloads (clarification)
Prev by thread: IPSec interop workshop Schedule
Next by thread: Re: IKE Delete payloads
Index(es):
- Main
- Thread