Daniel Migault writes:
> another alternative could be:
> 
> As the IV MUST NOT repeat for one SA when Counter-Mode ciphers are
>    used, Implicit IV as described in this document MUST NOT be used in
>    setups with the chance that the Sequence Number overlaps for one SA.
>    Multicast as described in [RFC5374], [RFC6407] and
>    [I-D.yeung-g-ikev2] is a prominent example, where many senders share
>    one secret and thus one SA.  As
>    such, it is NOT RECOMMENDED to use Implicit IV with Multicast.

I would actually prefer this. I think it is better to say don't do
it, than provide ways it could be done before saying don't do it....

I.e., if someone is interested in this then we need to write a new
specification that will specify how it is done, so there is no point
in speculating here what it could be.
-- 
[email protected]

_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
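
The IV-repeat condition in the quoted draft text, as an added example that is not part of this thread or of the draft: two senders sharing one SA each count sequence numbers from 1, so the implicit nonce repeats and the keystream with it. Assumptions: the nonce is laid out as a 4-byte salt followed by the 64-bit sequence number, an HMAC-SHA256 keystream stands in for a real counter-mode cipher, and the key, salt and traffic are constructed.

```python
import hashlib
import hmac
import struct
from collections import defaultdict

SALT = bytes.fromhex("0a0b0c0d")            # constructed 4-byte salt of the shared SA
KEY = b"constructed-shared-group-key-000"   # constructed key held by every sender


def implicit_nonce(seq, salt=SALT):
    """Nonce = salt || 64-bit sequence number (assumed implicit-IV layout)."""
    return salt + struct.pack(">Q", seq)


def keystream(nonce, length, key=KEY):
    """Stand-in counter-mode keystream: HMAC-SHA256(key, nonce || block counter)."""
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", block), hashlib.sha256).digest()
        block += 1
    return out[:length]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(seq, plaintext):
    """Encrypt with the keystream selected only by the SA and the sequence number."""
    return xor(plaintext, keystream(implicit_nonce(seq), len(plaintext)))


def find_nonce_reuse(packets):
    """packets: iterable of (sender, seq). Return {nonce: [senders]} for repeated nonces."""
    seen = defaultdict(list)
    for sender, seq in packets:
        seen[implicit_nonce(seq)].append(sender)
    return {nonce: senders for nonce, senders in seen.items() if len(senders) > 1}


# Constructed traffic: two multicast senders on one SA, each counting from 1.
PACKETS = [("sender-A", 1), ("sender-A", 2), ("sender-B", 1),
           ("sender-A", 3), ("sender-B", 2)]

if __name__ == "__main__":
    for nonce, senders in find_nonce_reuse(PACKETS).items():
        print(nonce.hex(), "used by", senders)
    c_a, c_b = encrypt(1, b"hello from A"), encrypt(1, b"HELLO FROM B")
    # Same nonce means same keystream: it cancels out of the two ciphertexts.
    print(xor(c_a, c_b) == xor(b"hello from A", b"HELLO FROM B"))
```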
