[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: SA byte lifetime
> 1) Once the AH SA soft byte lifetime expires, should we :
> a) negotiate for the bundle again.- In this we are
> assuming that the ESP
> SA has also expired.
> b) negotiate for AH SA only - In this case, how ?
If using IKE as a key negotiation, it only supports (a), because current IKE
implementations cannot negotiate "unbundled" SA's (nor SA's that could be
shared between bundles).
As far as RFC-2401 is concerned, both (a) and (b) could be possible.
References: