[strongSwan] Behavior on receiving NO_ADDITIONAL_SAS
martin at strongswan.org
Fri Mar 1 09:13:39 CET 2013
> But I think we are violating the following RFC clause here right ?
> failed attempt to create a Child SA SHOULD NOT tear down the IKE SA:
> there is no reason to lose the work done to set up the IKE SA.
I don't think so. This statement is in the section of creating
CHILD_SAs, not rekeying them. Further, it is a SHOULD NOT, not a MUST
More information about the Users