Tobias Brunner writes:
> It already states in section 3: "Non-optimized, regular rekey requests
> MUST always be accepted."
...
> So you're saying some configs, that are valid for regular IKEv2, will
> just not work with this extension? And we'll only know once there is
Combining those two, I
Hi Paul,
>> * maybe add "incompatible proposal" as a reason for initiating a
>> regular Child SA rekeying of the first SA (if the KE method used
>> for IKE is not in the Child SA proposal).
>>
>> However, I'd honestly prefer if that was just the standardized
>> behavior for the Child SA