Section 2.8.2 seems to have quite fatal error: The new IKE SA containing the lowest nonce inherits the Child SAs.
This is wrong. The one containing the lowest nonce, is the one that is going to be deleted, not the one that survives. This needs to be changed to: The new IKE SA containing the lowest nonce SHOULD be deleted by the node that created it and the other suriving new IKE SA MUST inherit all the Child SAs. Note, that I used words MUST here as this is one of the few cases where the correct behavior is really needed for interoperability reasons. It is not needed for simultaneous Child SA cases, as traffic continues to flow, even if they do not delete the loosing Child SA (we just have one extra Child SA). In this case it is important for the interoprability that both ends AGREE on which new IKE SA inherited the Child SAs from the old IKE SA. If they disagree then all IKE SAs are messed up and future rekeys, deletes etc will fail. Deleting the loosing IKE SA is not necessarely needed for interoperability so thats why that is SHOULD (just like it is in the child SA case), but moving Child SAs to correct IKE SA is MUST. --Paul Hoffman, Director --VPN Consortium _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec