s2.3: Should there be some discussion of the interaction of rekeying of the
IKE_SA and windows? Presumably a rekey message should not be actioned until all
previous messages have been responded to. Likewise receiving a Message ID with
a sequence number bigger than that in the rekey message should be very suspect!
Should the INVALID_MESSAGE_ID notification be sent in this case (and before or
after the rekey?) There might be some knock on into s2.8 where rekeying is
discussed. And maybe into s2.25?
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
