Hello,
I have a Confusion regarding rekeying Procedure of IKE_SA in IKEv2.MY
confusion is when rekeying of IKE_SA is done whether its repective Keys of
CHILD_SAs ie. ESP or AH SAs would be changed or not. As per rfc 7296, in
rekeying procedure of IKE_SA new SKEYSEED would be generate and then new
set of
{SK_d | SK_ai | SK_ar | SK_ei | SK_er | SK_pi | SK_pr} =
prf+ (SKEYSEED, Ni | Nr | SPIi |
SPIr).
i.e. new Sk_d is generated.So, does this new SK_d would reflect the Ongoing
CHILD_SAs keys or not??
Please Comment on this note.Quick response would be really helpful..
_______________________________________________
Dev mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/dev
