RFC Errata System writes: > The following errata report has been submitted for RFC7296, > "Internet Key Exchange Protocol Version 2 (IKEv2)". > > -------------------------------------- > You may review the report below and at: > https://www.rfc-editor.org/errata/eid6940 > > -------------------------------------- > Type: Editorial > Reported by: warren.wang <648936...@qq.com> > > Section: 3.10 > > Original Text > ------------- > o SPI Size (1 octet) - Length in octets of the SPI as defined by the > IPsec protocol ID or zero if no SPI is applicable. For a > notification concerning the IKE SA, the SPI Size MUST be zero and > the field must be empty. > > > Corrected Text > -------------- > o SPI Size (1 octet) - Length in octets of the SPI as defined by the > IPsec protocol ID or zero if no SPI is applicable. For a > notification concerning the IKE SA, the SPI Size MUST be zero and > the SPI field must be empty. > > > Notes > ----- > the field must be empty -> the SPI field must be empty
This change is correct, and the errata can be verified. > so for a notification concerning the IKE SA, the Protocol ID field > still shall be zero?(According to the last sentence of Protocol ID > section:"If the SPI field is empty, this field MUST be sent as zero > and MUST be ignored on receipt".) Yes. For IKE SA notifications the SPI can be seen from the header, thus there is no point of repeating the SPIs in notify payload. The Protocol ID field of the notification payload indicates which type of SPI is inside the notification payload, thus if there is no SPI in there, then there is no point of having Protocol ID either. > > Instructions: > ------------- > This erratum is currently posted as "Reported". If necessary, please > use "Reply All" to discuss whether it should be verified or > rejected. When a decision is reached, the verifying party > can log in to change the status and edit the report, if necessary. > > -------------------------------------- > RFC7296 (draft-kivinen-ipsecme-ikev2-rfc5996bis-04) > -------------------------------------- > Title : Internet Key Exchange Protocol Version 2 (IKEv2) > Publication Date : October 2014 > Author(s) : C. Kaufman, P. Hoffman, Y. Nir, P. Eronen, T. Kivinen > Category : INTERNET STANDARD > Source : IP Security Maintenance and Extensions > Area : Security > Stream : IETF > Verifying Party : IESG -- kivi...@iki.fi _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
